NEWSPAPER 


THE  VOICE  OF  IT  MANAGEMENT  ■  WWW.COMPUTERWORLD.COM 

Hackers  Beating 
Efforts  to  Patch 
Software  Flaws 

Rapid  attacks  via  Windows  2000  hole  prompt 
calls  for  broader  IT  security  mechanisms 


BY  JAIKUMAR  VIJAYAN 

The  speed  at  which 
hackers  are  taking  advan¬ 
tage  of  newly  disclosed 
software  flaws  should  be 
prompting  companies  to 
adopt  stronger  measures 
for  dealing  with  such  vulnera¬ 
bilities,  according  to  IT  man¬ 
agers  and  analysts. 

Several  security  experts  last 
week  said  that  IT  departments 
need  to  look  beyond  just 
patching  defects  and  devise 
broader  and  more  holistic 
strategies  to  defend  them¬ 
selves  against  attacks  seeking 
to  quickly  exploit  new  flaws. 

The  advice  comes  in  the 
wake  of  an  onslaught  of  worms 


We  are  going 
to  have  to 

fast-track  the  latest 
security  upgrades, 
maybe  the  same 
day,  unfortunately. 

SATISH  AJMANI.  CIO, 

SANTA  CLARA  COUNTY 


that  targeted  a  flaw  in  a 
plug-and-play  compo¬ 
nent  of  Windows  2000. 
The  worms  hit  several 
large  companies,  includ¬ 
ing  The  New  York 
Times  Co.,  Cable  News 
Network  LP,  Caterpillar  Inc., 
DaimlerChrysler  AG  and  Gen¬ 
eral  Electric  Co.,  when  hackers 
made  use  of  the  hole  disclosed 
less  than  a  week  earlier  by  Mi¬ 
crosoft  Corp.  as  part  of  its 
monthly  patch  release. 

The  rapid  exploitation  of 
the  Windows  2000  vulnerabil¬ 
ity  left  some  IT  managers 
acutely  aware  of  the  need  to 
be  vigilant  about  keeping  then- 
systems  up  to  date. 

“We  are  going  to  have  to 
fast-track  the  latest  security 
upgrades,  maybe  the  same  day, 
unfortunately,”  said  Satish  Aj- 
mani,  CIO  of  California’s  Santa 
Clara  County.  “It  is  scary.” 

The  trend  has  prompted 
Uiine  Inc.  to  accelerate  its 
patching  of  desktops  and 
servers,  said  Robert  Olson,  a 
Hackers,  page  16 


INI 

“Spear-phishing” 
attacks  pose 
a  dangerous 
new  threat. 

PAGE  6 


i 


AUGUST  22,  2005  «  VOL.  39  ■  NO.  34  »  S5/C0PY 


Speech-enabled  applications  that 
understand  and  respond  to  callers’ 
requests  are  finally  beginning  to  deliver 
bottom-line  results.  But  the  systems 
still  need  a  lot  of  fine-tuning,  and 
some  assembly  is  required,  reports  £ 
Robert  L.  Mitchell.  T  . 


TV  Guide’s  Steve  Martin  says  a  virtual  call-center  agent 
has  cut  costs  and  improved  customer  service. 


Utility  Merges  Call  Centers, 
Customer  Info  Systems 


Expects  four-year  effort 
to  save  money,  improve 
its  customer  service 


BY  THOMAS  HOFFMAN 

HARTFORD,  CONN. 

Northeast  Utilities  Service  Co. 
is  halfway  through  a  four-year 
project  to  consolidate  three 
customer  information  sys¬ 
tems  into  one  and  six  call  cen¬ 
ters  into  two  facilities. 

The  energy  company’s 
eight-figure  investment  is  ex¬ 
pected  to  help  it  develop  a 
common  set  of  customer  ser¬ 
vice  processes  to  support  its 
four  operating  companies’ 

2  million  customers,  said  NU 


executives  interviewed  here 
this  month. 

The  effort  also  should  make 
it  easier  for  the  utility  to  roll 
out  future  rate  changes  and 
meet  other  requirements,  the 
executives  said. 

Zarko  Sumic,  an 
analyst  at  Gartner 
Inc.  who  consulted 
on  the  project  last 
year,  estimated  that 
the  consolidation  will 
generate  more  than 
$10  million  in  annual 
operations  and  main¬ 
tenance  savings  for 
NU.  Officials  at  the 
Berlin,  Conn.-based 
utility  declined  to 


quantify  the  anticipated  cost 
savings. 

NU  is  in  the  process  of  con¬ 
solidating  its  six  call  centers 
into  one  facility  in  Windsor, 
Conn.,  and  another  at  an  un¬ 
determined  location  while 
putting  a  new  .Net  front  end 
on  an  IBM  mainframe-based 
CIS  that  has  been  in  place 
since  1999. 

“The  aim  is  to  have  a  more 
efficient  customer 
service  group  while 
moving  us  to  a  single, 
integrated  CIS,”  said 
Kevin  Charette,  proj¬ 
ect  director  for  the 
customer  service  inte¬ 
gration  effort. 

When  NU  began 
evaluating  its  cus¬ 
tomer  service  options 
in  2003,  Charette  said. 
Utility,  page  45 


CHARETTE:  ;; 
NU  hopes  to 
have  “a  single, 
integrated 
CIS.” 


,  I 

gSg§|fc3'  y 


NAME 


Mr.  50,000  Global 
Remote  and  Mobile 
Users  Connected 
Without  a  VPN. 


pal  Our  pte$cy> '  are  either  a^ote'ed  trademarks 
»y  L*e  too  jjademaiks  of  their  respective  ov/ne:$. 


vs  ton  •.  WiorJows  Seri 
ham<v  of  actual  com 


"At  Nissan,  we  expect  to  save  at  least  $135  million  annually 
thanks  to  the  efficiencies  that  Windows  Server  2003  and 
Exchange  Server  2003  are  helping  us  achieve." 

Toshihiko  Suda 

Senior  Manager,  Nissan  Motor  Company,  Ltd. 


Make  a  name  for  yourself  with  Windows  Server  System. 

An  upgrade  to  Microsoft  Windows  Server  System 
made  it  possible  for  50,000  worldwide  employees 
at  Nissan  Motor  Company  to  have  more  secure 
remote  access  to  their  e-mail  and  calendars 
from  any  Internet  connection,  without  the  hassle 
and  expense  of  a  VPN.  Here's  how:  By  deploying 
Windows  Server  2003  and  Exchange  2003,  not  only 
did  Nissan  IT  meet  the  CEO's  demand  for  better  global 
collaboration,  they  expect  to  save  at  least  $135  million 
by  streamlining  their  messaging  infrastructure. 
To  get  the  full  Nissan  story  or  find  a  Microsoft 
Certified  Partner,  go  to  microsoft.com/wssystem 


Windows 
Server  System 


Windows  Server  System™  includes: 


Server  Platform  Windows  Server™ 


Virtualization 

Virtual  Server 

Data  Management  &  Analysis 

SQL  Server™ 

Communications 

Exchange  Server 

Portals  &  Collaboration 

Office  SharePoinr  Portal  Server 

Integration 

BizTalk  Server 

Management 

Systems  Management  Server 

Microsoft'  Operations  Manager 

Security 

Internet  Security  &  Acceleration  Server 

Plus  other  software  products 


More  power.  Less  plant 


H^b\e,  virtual  capacity  Qnd ^ 

Sn,c\  consolidation  So U',f'in  ^ 

Intel ‘  Itanium'  2  Processors,  tbe  p  ^  ^  applications  °°^q 


11  \UZ* 

1  xL.  ; 


V0c'^//p 

Q/e  fQ  re9rity  servers,  powered  by 

Wifh  speed  and  ease,  making  a  more 


io  at  hp.com/info/integrity 


CONTENTS 


Water  Returns  to 
The  Data  Center 

In  the  Technology  section:  As  server  heat  loads  in¬ 
crease,  vendors  are  reintroducing  water  cooling  op¬ 
tions  as  a  supplement  to  computer  room  air  handling 
systems  —  and  stoking  old  fears.  Page  28 


08.22.05 


Show  Me 

In  the  Management  section:  What’s  it  like  to 
have  a  personal  coach?  Come  along  for  a  six- 
month  ride  that  changed  Truman  Medical 
Centers’  Destiny  Moneysmith  (right,  with 
consultant  Gwen  Walsh)  from  a  skeptical  IT 
project  manager  to  a  believer.  Page  35 


NEWS 


TECHNOLOGY 


OPINIONS 


ONLINE 

WWW.COMPUTERWORLD.COM 


6  “Spear  phishing,”  in  which 
customized  e-mail  attacks 
solicit  confidential  data,  is 
a  growing  threat,  say  security 
analysts,  who  recommend 
end-user  education  as  a  cure. 

6  French  security  researchers 

report  a  flaw  that  can  be 
exploited  via  the  Internet 
Explorer  browser;  Microsoft 
says  it’s  investigating. 

7  The  Interex  user  group  seeks 
bankruptcy  protection  after 
shutting  its  doors  and  cancel¬ 
ing  its  HP  World  conference. 

7  The  H-1B  visa  cap  is  likely  to 
be  controversial  again  this 
year,  as  IT  trade  groups  lobby 
Congress  for  a  higher  limit. 

10  Novell’s  ZENworks  adds  life- 
cycle  management  capabili¬ 
ties  for  Linux  systems  and 
supports  Windows  PC  man¬ 
agement  from  a  Linux  server. 

12  Sabre  Holdings  plans  to  re¬ 
place  a  15-year-old  EDI  system 
with  a  set  of  Web  services. 

12  Open-source  vendor  JBoss 
aims  a  migration  program 
at  users  of  BEA’s  WebLogic 
application  server. 

14  Global  Dispatches:  The  cost 
of  PC  components  rises,  but 
analysts  predict  that  PC  prices 
won’t;  and  a  $500  million  proj¬ 
ect  is  launched  to  boost  broad¬ 
band  in  West  Africa. 

14  Telecommuting  is  appealing 
because  of  high  fuel  prices,  and 
employers  say  they’re  ready  for 
an  increase  in  remote  workers. 


25  Smart  Talk.  Speech-enabled 
apps  move  into  the  main¬ 
stream,  enabling  call  centers 
to  improve  service  levels. 

30  Future  Watch:  Power  Play. 

Researchers  at  Los  Alamos 
and  elsewhere  are  finding 
ways  to  keep  CPU  power  up 
and  energy  consumption  and 
heat  down. 

31  Geek’s  Garden.  Semiconduc¬ 
tor  circuits  go  nanotech;  how 
the  loom  led  to  punch  cards; 
and  spamming  for  oil. 

32  Security  Manager’s  Journal: 
Intellectual  Property  Is  Focus 
at  New  Job.  Mathias  Thur¬ 
man  starts  a  new  job  with  a 
big  challenge:  to  block  em¬ 
ployees  from  taking  intellec¬ 
tual  property  and  setting  up 
competing  consultancies. 

MANAGEMENT 

37  Managers’  Forum.  How  does 
a  busy  IT  leader  learn  to  say 
no?  Paul  Glen  has  a  suggestion, 
along  with  other  advice,  plus 
feedback  from  one  reader. 

38  Grating  Expectations.  When 
customers  develop  the  wrong 
expectations  for  an  IT  project, 
everyone  loses.  Here’s  what 
you  can  do  about  it. 

40  Career  Watch.  CIO  Andrew 
Armishaw  of  HSBC  offers  IT 
career  advice.  Plus,  a  study 
gauges  how  confident  IT 
workers  are  about  their  job 
prospects,  and  a  poll  shows 
that  interest  in  computer 
science  continues  to  wane. 


8  On  the  Mark:  Mark  Hall  re¬ 
ports  that  broadband  over 
power  lines  is  gathering  mo¬ 
mentum  despite  objections 
by  ham  radio  users  and  some 
public  safety  pros  who  de¬ 
pend  on  nearby  frequencies. 

20  Don  Tennant  believes  that 
Chinese  Premier  Wen  Jiabao 
was  mistaken  when  he  pre¬ 
dicted  “the  Asian  century  of 
the  IT  industry.” 

20  Bruce  A.  Stewart  shows  how 
to  get  more  out  of  the  infor¬ 
mation  side  of  IT. 

21  Michael  H.  Hugos  has  to  re¬ 
consider  some  of  the  harsh 
opinions  that  he,  as  a  CIO,  has 
harbored  about  accountants. 

33  Robert  L.  Mitchell  notes  that 
experts  think  it’s  inevitable 
that  viruses  will  one  day  be 
able  to  destroy  a  computer  by 
altering  its  microcode.  So  why 
haven’t  we  seen  more  of  them? 

41  Paul  Ingevaldson  says  one 
type  of  CIO  doesn’t  fit  all 
companies.  He  has  some 
advice  for  CEOs  about  how 
to  choose  the  right  one. 

46  Frankly  Speaking:  Frank 
Hayes  wonders  when  vendors 
will  get  serious  about  eliminat¬ 
ing  buffer  overflow  problems. 


DEPARTMENTS/RESOURCES 


At  Deadline  Briefs  . 6 

News  Briefs  . 8,12 

Letters  . 21 

IT  Careers . 42 

Company  Index . 44 

How  to  Contact  CW . 44 

Shark  Tank  . 46 


Offshoring  101:  Protect  Yourself 

CAREERS:  Robert  Half  Technology’s  Kather¬ 
ine  Spencer  Lee  offers  some  tips  for  maxi¬ 
mizing  your  marketability  to  take  advantage 
of  the  opportunities  related  to  offshoring  at 
your  company.  ©  QuickLink  56062 

Lessons  Learned  From 
Corporate  Security  Breaches 

OPINION:  Privacy  columnist  Jay  Cline  pro¬ 
vides  a  five-point  agenda  for  preventing  the 
kind  of  information  security  breaches  that 
are  triggering  big  headlines  and  legislation. 

©  QuickLink  56017 

FUD-busting  the  Grid  Debate 

SOFTWARE:  The  research  community  was 
good  enough  to  create  and  oversee  the  Inter¬ 
net,  says  grid  pioneer  Ian  Foster.  So  why  are 
some  vendors  claiming  that  academic  grid 
software  isn’t  good  enough  for  corporate  IT? 
©  QuickLink  56090 

Where  Is  Storage 
Infrastructure  Going? 

WEBCAST:  EMC’s  Mark  Lewis  says  that 
managers  should  tackle  storage  virtualiza¬ 
tion  projects  by  first  identifying  storage  pain 
points  before  attempting  practical  innova¬ 
tion.  ©  QuickLink  a6910 

News  Right  to  Your  In-box 

Between  issues  of  Computer-world,  keep  up 
with  all  the  IT  news  you  need  to  know  with 
our  free  e-mail  newsletters.  Subscribe  at 

©  QuickLink  a143Q 

What’s  a  QuickLink? 

©Throughout  each  issue  of 
Computerworld,  you’ll 
see  five-digit  QuickLink  codes 
pointing  to  related  content  on 
our  Web  site.  Also,  at  the  end  of 
each  story,  a  QuickLink  to  that 
story  online  facilitates  sharing  it 
with  colleagues.  Just  enter  any 
of  those  codes  into  the  Quick¬ 
Link  box,  which  is  at  the  top  of 
every  page  on  our  site. 


ONLINE 

DEPARTMENTS 

Breaking  News 

©  QuickLink  a1510 

Newsletter 

Subscriptions 

©  QuickLink  a143Q 

Knowledge  Centers 
©  QuickLink  a2570 

The  Online  Store 

©  QuickLink  a2420 


GQMPUTERWGRLD  August  22, 2005 


AT  DEADLINE 


Air  Force  Notifies 
33,000  of  Hack 

The  U.S.  Air  Force  said  it  is  notify¬ 
ing  more  than  33,000  airmen  of 
a  security  breach  in  its  online 
Assignment  Management  System, 
which  includes  career  and  per¬ 
sonal  information  of  personnel. 
Officials  said  someone  illicitly 
entered  the  system  using  a  legiti¬ 
mate  user’s  password  and  ac¬ 
cessed  information  on  an  undis¬ 
closed  number  of  officers. 


Sun  Creates  New 
Open-Source  Office 

Sun  Microsystems  Inc.  has  creat¬ 
ed  a  new  office  to  coordinate  its 
open-source  projects  and  ap¬ 
pointed  longtime  Sun  technology 
evangelist  Simon  Phipps  to  over¬ 
see  the  effort  as  chief  open- 
source  officer.  Phipps  has  been 
performing  the  duties  of  that  job 
for  about  two  years.  The  move 
marks  the  first  time  Sun  has  put 
an  executive  in  charge  of  all  of  its 
open-source  projects. 


Intel  Offers  New 
Training  in  India 

Intel  Corp.  and  training  company 
NIIT  Ltd.  have  agreed  to  create 
specialized  training  to  help  soft¬ 
ware  developers  in  India  learn 
about  Intel  architectures.  The  pro 
gram,  offered  in  labs  at  10  NIIT 
training  centers  in  India,  will  ini¬ 
tially  focus  on  multicore  process¬ 
ing.  In  three  years,  Intel  expects 
to  extend  the  program  to  at  least 
50,000  students. 


Qualcomm  Buying 
Mobile  Tool  Supplier 

Qualcomm  Inc.  plans  to  buy  Elata 
Ltd.,  a  maker  of  mobile  content- 
delivery  software,  for  $57  million 
in  cash.  Qualcomm  said  it  will 
integrate  Elata’s  software  with 
its  own  Brew  technology,  which 
acts  as  a  "virtual  marketplace” 
between  content  providers  and 
mobile  operators.  Elata’s  products 
support  standards  like  Java,  the 
Wireless  Application  Protocol  and 
the  Open  Mobile  Alliance’s  DRM. 


NEWS 


www.computerworld.com 


Training  Needed  to  Halt 
‘Spear-Phishing’  Attacks 


Little  technology  available  to  combat 
targeted  e-mail  scams,  say  experts 


victims  into  sharing  confiden¬ 


BY  JAIKUMAR  VIJAYAN 

o-called  spear-phish- 
ing  attacks  —  cus¬ 
tomized  spoof  e-mails 
that  appear  to  come 
from  trusted  sources  and  ask 
recipients  to  part  with  confi¬ 
dential  information  —  pose  a 
dangerous  and  emerging 
threat  to  organizations. 

There  are  no  mature  techni¬ 
cal  solutions  to  the  problem, 
so  IT  must  emphasize  educa¬ 
tion,  security  experts  said  dur¬ 
ing  a  telephone  briefing  on  the 
topic  last  week. 


Affects  only 
systems  with  the 
Msdds.dll  file 

BY  ROBERT  McMILLAN 

An  unpatched  vulnerability  in 
a  file  used  within  Microsoft 
Corp.’s  Office  and  Visual  Stu¬ 
dio  software  could  enable  at¬ 
tackers  to  seize  control  of  sys¬ 
tems  via  the  Internet  Explorer 
browser,  security  researchers 
in  France  reported  last  week. 

The  disclosure  prompted 
Microsoft  to  issue  a  security 
advisory  saying  that  it  was 
“aggressively  investigating” 
the  reported  flaw.  But  the  soft¬ 
ware  vendor  also  took  the  re¬ 
searchers  to  task,  saying  that 
the  possible  vulnerability  “was 
not  disclosed  responsibly,  po¬ 
tentially  putting  computer 
users  at  risk”  because  of  the 
lack  of  an  available  patch. 

Microsoft  said  the  situation 
involves  a  Component  Object 
Model  object  called  the 
Microsoft  DDS  Library  Shape 
Control,  or  Msdds.dll.  The 
object  isn’t  shipped  as  part  of 
Windows  by  default;  it  isn’t 


The  briefing  for  federal  and 
state  security  managers  was 
organized  by  the  SANS  Insti¬ 
tute,  a  security  research  com¬ 
pany  in  Bethesda,  Md. 

“Phishing  has  become  so 
sophisticated  that  it  has  be¬ 
come  one  of  our  top  [security] 
concerns,”  said  William  Pel- 
grin,  director  of  the  New  York 
State  Office  of  Cyber  Security 
and  Critical  Infrastructure  Co¬ 
ordination  (CSCIC)  in  Albany. 

Spear-phishing  attacks  are 
similar  to  regular  phishing 
scams  in  that  they  try  to  lure 


designated  as  safe  for  script¬ 
ing  uses;  and  it  isn’t  intended 
to  be  used  within  IE,  accord¬ 
ing  to  the  advisory. 

However,  the  French  Securi¬ 
ty  Incident  Response  Team 
(FrSIRT)  said  a  memory-cor¬ 
ruption  error  in  the  Msdds.dll 
file  could  be  exploited  by  at¬ 
tackers  who  place  malicious 
code  on  Web  pages  displayed 
in  Microsoft’s  Web  browser. 
The  Montpellier,  France-based 
research  organization  gave  the 
flaw  a  “critical”  rating,  al¬ 
though  it  noted  that  only  sys¬ 
tems  containing  Msdds.dll 
would  be  vulnerable. 

The  Msdds.dll  file  is  used 
by  developers  to  create  cus¬ 
tomized  Office  applications, 
said  Russ  Cooper,  editor  of  the 
NTBugtraq  mailing  list  and  an 
analyst  at  Cybertrust  Inc.  in 
Herndon,  Va.  Cooper  said  dur¬ 
ing  an  instant  messaging  ex¬ 
change  that  he  doesn’t  think 
the  file  has  been  installed  on  a 
large  number  of  Windows  sys¬ 
tems  and  that  he  isn’t  very 
concerned  about  possible  ex¬ 
ploits  of  the  vulnerability. 

Microsoft  said  it  wasn’t 


tial  data  or  downloading  Tro¬ 
jan  horse  programs.  However, 
spear  phishing  is  far  more  tar¬ 
geted,  and  the  e-mails  are 
much  more  customized  than 
regular  phishing  missives. 

Firewall  Killers 

The  volume  of  e-mail  in  a 
spear-fishing  attack  is  much 
lower  than  it  is  in  a  regular 
phishing  exploit,  making 
spear-fishing  scams  more  dif¬ 
ficult  to  detect. 

Alan  Paller,  director  of  re¬ 
search  at  the  SANS  Institute, 
described  spear-fishing  inci¬ 
dents  as  “firewall-killer  at¬ 
tacks”  that  can  be  as  effective 


aware  of  any  attacks  trying  to 
take  advantage  of  the  flaw  re¬ 
ported  by  the  FrSIRT.  The 
vendor,  which  added  that 
Msdds.dll  can  also  be  used 
within  Visual  Studio  to  visual¬ 
ize  database  objects,  said  it 
will  decide  whether  a  patch 
is  needed  after  completing  its 
investigation  of  the  flaw. 

Microsoft  suggested  work¬ 
arounds  that  it  said  could 
block  known  attack  mecha¬ 
nisms.  For  example,  the  com¬ 
pany  said  IT  managers  could 
use  the  Windows  registry  file 
to  disable  Msdds.dll  from  run¬ 
ning  in  IE  or  unregister  it  from 
the  operating  system. 

In  a  related  matter,  about  a 
dozen  Web  sites  have  cropped 
up  that  try  to  take  advantage 
of  a  flaw  in  IE’s  JPEG  render¬ 
ing  engine,  said  Dan  Hubbard, 
senior  director  of  security  and 
research  at  Websense  Inc.  in 
San  Diego.  Microsoft  patched 
that  hole  on  Aug.  9  as  part  of 
its  monthly  security  updates. 

Attackers  are  increasingly 
using  IE  instead  of  e-mail 
viruses  to  seize  control  of  sys¬ 
tems,  Hubbard  said.  “E-mail  is 
just  not  as  effective  as  it  used 
to  be,”  he  noted.  ©  56335 


McMillan  writes  for  the 
IDG  News  Service. 


as  “unsecured  wireless  for  go¬ 
ing  through  the  perimeter.” 

E-mail  authentication  tech¬ 
nologies  can  help  alleviate  the 
problem,  said  Dave  Jevans, 
chairman  of  the  Anti-Phishing 
Working  Group  in  Cambridge, 
Mass.  But  many  relevant  stan¬ 
dards  are  immature,  and  avail¬ 
able  technologies  can  require 
large  upgrades  to  e-mail  infra¬ 
structures.  Thus,  user  educa¬ 
tion  and  training  are  impor¬ 
tant,  Pelgrin  said. 

In  a  mock  phishing  scenario 
conducted  between  March 
and  May,  the  New  York  CSCIC 
sent  spoofed  e-mails  to  about 
10,000  employees  across  five 
state  agencies,  trying  to  trick 
users  into  surrendering  their 
passwords.  More  than  75% 
of  the  recipients  opened  the 
e-mail,  17%  followed  the  link, 
and  15%  attempted  to  enter 
their  passwords,  Pelgrin  said. 

In  an  exercise  two  months 
later  —  after  users  were  edu¬ 
cated  about  the  technique  — 
only  8%  of  respondents 
opened  the  e-mail,  Pelgrin  said. 

The  U.S.  Military  Academy 
at  West  Point  has  conducted 
similar  phishing  exercises 
over  the  past  few  years  and 
has  seen  a  decline  in  the  num¬ 
ber  of  users  who  fall  for  them. 

At  the  same  time,  the  num¬ 
ber  of  recipients  reporting  in¬ 
cidents  of  suspicious  e-mail 
has  gradually  risen,  showing 
that  more  people  are  aware  of 
the  problem,  said  Aaron  Fer¬ 
guson,  an  assistant  professor 
in  West  Point’s  department  of 
electrical  engineering  and 
computer  science.  ©  56330 


Spear-Phishing  Test 


The  New  York  CSCIC  conducted 
a  mock  phishing  exercise  across 
five  state  agencies  this  spring. 

■  Of  the  nearly  10,000  e-mails 
that  were  sent,  at  least  75%  of 

them  were  opened. 

— 

■  17%  of  the  recipients  followed 
the  e-mail’s  link,  which  took 
them  to  a  false  site. 

■  15%  of  the  e-mail  recipients 
o  attempted  to  interact  with  a 

“  fake  password  form  on  the  site. 

tx.  - 

>  ■  3%  of  the  e-mail  recipients 
^  took  the  appropriate  action  by 
s  manually  typing  the  Web  address 
§  into  their  browsers. 


Microsoft  Investigates 
Reported  Browser  Flaw 


CGMPUTESWORLB  August  22, 2005 


www.computerworld.com 

— 


NEWS 


> 


Interex  Seeks  Bankruptcy  Protection  After  Shutdown 


HP  user  group  faced  steep  revenue 
drop  in  the  past  year,  court  filing  says 


BY  PATRICK  THIBODEAU 

After  abruptly  pulling  the  plug 
on  its  operations  in  July,  the 
Interex  user  group  this  month 
filed  for  bankruptcy  protec¬ 
tion,  citing  plummeting  rev¬ 
enue  and  increasing  debt. 

The  Sunnyvale,  Calif.-based 
organization  for  users  of  Hew¬ 
lett-Packard  Co.’s  systems  re¬ 
ported  total  liabilities  of  just 
over  $4  million,  in  documents 
filed  at  the  U.S.  Bankruptcy 
Court  for  the  Northern  Dis¬ 
trict  of  California  in  San  Jose. 

Interex  shut  down  last 
month  and  canceled  its  HP 
World  conference,  which  was 
due  to  be  held  last  week  in  San 
Francisco  [QuickLink  55740]. 
The  user  group,  which 
claimed  to  have  about  100,000 
members,  offered  no  explana¬ 
tion  for  the  closure  beyond  a 
statement  that  it  was  “finan¬ 
cially  necessary.”  Interex 
board  members  contacted  by 
Computer-world  have  declined 
to  discuss  the  events  that  led 
to  the  shutdown. 

But  the  Chapter  7  bankrupt¬ 
cy  petition  that  was  filed  Aug. 
11  provides  some  insights. 

In  2003,  Interex  brought  in 
nearly  $8  million  from  its  con¬ 
ferences,  publications  and 
membership  fees,  according  to 
the  court  papers.  Last  year, 
when  HP  announced  that  it 
would  hold  its  own  user  con¬ 
ference  starting  this  Septem¬ 
ber,  Interex’s  revenue  fell  to 
$6.4  million  —  a  20%  decline. 

From  Jan.  1  to  Aug.  8  of  this 
year,  the  user  group  recorded 
just  $713,409  in  revenue,  the 
bankruptcy  filing  said. 

HP  World  was  its  chief 
source  of  revenue,  but  Interex 
faced  a  decline  in  trade-show 
bookings.  Sources  blamed 
competition  from  HP’s  up¬ 
coming  conference  and  a  gen¬ 
eral  decline  in  interest  among 
IT  vendors  in  exhibiting  at 
user  conferences. 

The  court  filing  shows  that 
Ronald  Evans,  the  user  group’s 
executive  director,  was  paid 
$214,676  from  August  2004 


through  the  end  of  last  month, 
including  a  payment  of  $43,746 
that  was  made  in  July.  How¬ 
ever,  his  biweekly  salary 
dropped  from  $8,925  to  $7,140 
in  the  first  five  pay  periods  of 
that  time  frame. 

The  final  payment  to  Evans 
may  have  been  required  under 
the  terms  of  his  contract  or  as 
part  of  a  severance  deal,  said 
one  source.  In  addition,  the 
user  group  still  owes  Evans 
$8,255.80,  according  to  the 
bankruptcy  filing. 

Four  Interex  board  members 
last  week  either  didn’t  return 
calls,  wouldn’t  comment  on 


Cap  for  FY  ’06  is 
reached;  IT  groups 
lobby  for  increase 

BY  PATRICK  THIBODEAU 

High-tech  trade  groups  will 
likely  again  push  Congress  to 
increase  the  H-1B  visa  cap,  af¬ 
ter  the  government  said  this 
month  that  it  has  already  re¬ 
ceived  enough  petitions  to 
reach  the  limit  of  65,000  new 
visas  set  for  the  fiscal  year 
that  starts  Oct.  1. 

The  Aug.  10  cutoff  date  for 
fiscal  2006  visa  petitions  was 
the  earliest  one  ever  for  the 
controversial  program  and 
marked  the  first  time  that  the 
application  process  has  been 
closed  prior  to  the  start  of  a 
fiscal  year. 

The  early  cutoff,  which  was 
officially  announced  two  days 
after  it  took  effect,  means  that 
some  U.S.  employers  may 
have  to  wait  more  than  a  year 
before  they  can  bring  in  addi¬ 
tional  H-1B  workers. 

“It’s  becoming  increasingly 
difficult  for  the  best  talent  in 
the  world  to  come  to  the  U.S.,” 
said  John  Palafoutas,  vice 
president  of  the  Washington- 


Falling  Fortunes 


Revenue  figures 
reported  by  Interex  in  its 
bankruptcy  court  filing 


*  Through  Aug.  8 


any  issues  or  said  they  could 
not  discuss  matters  relating  to 
the  bankruptcy  because  of  the 


based  trade  group  AEA. 
Palafoutas  said  IT  industry 
groups  have  been  meeting 
with  congressional  leaders  “to 
figure  out  what’s  the  best  way 
to  proceed  on  the  issue.” 

It’s  possible  that  a  “market- 
based”  solution  could  be  craft¬ 
ed  that  would  include  auto¬ 
matic  triggers  to  increase  the 
cap  if  there  was  a  strong  de¬ 
mand  for  H-1B  visas,  he  added. 

‘Significant’  Boost  Eyed 

Trade  groups  aren’t  specifying 
how  much  of  an  increase  they 
may  seek  in  the  visa  limit.  But 
any  expansion  of  the  cap 
“should  be  significant,”  said 
Bob  Cohen,  a  spokesman  for 
the  Information  Technology 
Association  of  America  in  Ar¬ 
lington,  Va.  “I  think  it’s  a  real 
problem,  and  the  longer  we 
put  off  addressing  it,  the  less 
competitive  we  will  be.” 

Vic  Goel,  an  immigration  at¬ 
torney  in  Greenbelt,  Md.,  said 
the  quick  exhaustion  of  the 
fiscal  2006  H-1B  allotment 
“obviously  should  be  taken 
as  a  sign  that  we  don’t  have 
enough  visas”  available  — 
especially  with  the  U.S.  econ¬ 
omy  doing  well. 


ongoing  court  proceedings. 

Evans  couldn’t  be  reached 
by  phone,  and  an  e-mail  that 
was  forwarded  to  him  by  an 
Interex  board  member  didn’t 
draw  a  response. 

Future  in  Doubt 

As  far  as  the  future  of  Interex 
is  concerned,  Denys  Beauche- 
min,  an  IT  consultant  who  is 
the  user  group’s  vice  chair¬ 
man,  said  he  doubts  that  any 
new  organization  will  emerge 
from  its  ashes. 

“HP  wants  to  control  every¬ 
thing,  and  there  is  no  room  for 
Interex  or  anything  like  that,” 
Beauchemin  said. 

However,  the  three  other  in¬ 
dependent  HP  user  groups 
said  in  the  wake  of  Interex’s 


But  H-1B  critic  Ron  Hira, 
who  is  vice  president  of  career 
activities  at  IEEE-USA,  ques¬ 
tioned  claims  that  reaching 
the  cap  so  soon  indicates  a 
need  for  more  visas. 

Hira,  who  is  also  an  assis¬ 
tant  professor  of  public  policy 
at  the  Rochester  Institute  of 
Technology  in  Rochester,  N.Y., 
noted  that  the  fiscal  2006  limit 
has  been  hit  before  companies 
have  even  hired  any  new 
workers. 

“It  seems  to  indicate  that 
companies  are  planning  ahead 
for  positions  that  don’t  exist 
right  now,  which  highlights 
the  fact  that,  contrary  to  con¬ 
ventional  wisdom,  they  aren’t 
searching  for  Americans  first,” 
Hira  said. 

Employers  aren’t  complete¬ 
ly  out  of  H-1B  options.  An  ad¬ 
ditional  20,000  visas  became 
available  in  May  for  the  cur¬ 
rent  fiscal  year,  and  a  similar 
number  will  be  offered  in  fis¬ 
cal  2006.  But  Congress  has 
limited  those  visas  to  foreign 
workers  who  have  advanced 
degrees  from  U.S.  universities. 

As  of  early  this  month,  the 
U.S.  Citizenship  and  Immigra¬ 
tion  Services  (USCIS)  had  re¬ 
ceived  10,379  advanced-degree 
petitions  for  fiscal  2005  and 
another  8,000  or  so  for  next 
year,  according  to  spokesman 
Christopher  Bentley. 


Congress  Faces  Renewed 
Fight  Over  H-1B  Visa  Limits 


collapse  that  they  remain  on 
solid  financial  footings.  One  of 
those  groups,  Chicago-based 
Encompass,  will  jointly  man¬ 
age  HP  Technology  Forum 
2005,  the  new  HP-sponsored 
conference  scheduled  to  begin 
Sept.  12  in  New  Orleans. 

Jim  Becker,  an  Encompass 
board  member  and  lead  sys¬ 
tems  engineer  at  the  Urban 
Institute,  a  Washington  think 
tank,  said  a  key  goal  of  the  up¬ 
coming  conference  “is  to  put 
real  users  and  real  experts  in 
the  room  together.” 

Becker  said  the  conference’s 
IT  focus  “will  probably  be 
halfway  between  the  tactical 
and  strategic.”  Many  of  the 
expected  attendees  are  “the 
chief  influencers”  who  gather 
data  used  to  help  executives 
make  IT  decisions,  he  added. 

O  56332 


Cap  Numbers 


The  current  H-1B  visa  limit  is 
65,000  per  fiscal  year,  plus 
20,000  for  workers  with 
master’s  degrees  or  higher 
from  U.S.  universities. 

FINE  PRINT:  6,800  of  the 
regular  visas  are  set  aside  for 
workers  from  Singapore  and 
Chile  under  trade  agreements. 

PREVIOUS  LIMIT:  195,000  in 
fiscal  2001, 2002  and  2003. 

ANOTHER  OPTION:  Congress 
this  year  approved  the  E-3  visa 
program,  which  makes  10,500 
visas  similar  to  the  H-1B  available 
to  Australian  citizens. 

Hira  charged  that  if  U.S. 
companies  truly  are  in  need  of 
highly  skilled  foreign  workers, 
the  extra  visas  set  aside  for 
graduate  students  schooled  in 
the  U.S.  would  have  been 
snapped  up  quickly. 

“If  they  were  hiring  the  best 
and  brightest,  that  would  be 
the  first  category  to  go,”  he 
said. 

The  USCIS  will  use  a  com¬ 
puter  to  randomly  select  ap¬ 
plications  from  the  visa  peti¬ 
tions  received  by  Aug.  10  until 
the  fiscal  2006  cap  allotment 
is  met,  Bentley  said.  All  of  the 
remaining  petitions  will  be  re¬ 
jected  by  the  agency.  O  5632S 


8  CGMPUTERWRRLD  August  22, 2005 


BRIEFS 


Agilent  Sells  Chip 
Unit,  LED  Stake 

Agilent  Technologies  Inc.  plans 
to  sell  its  semiconductor  product 
division  to  Kohlberg  Kravis 
Roberts  &  Co.  and  Silver  Lake 
Partners  for  $2.66  billion.  Agilent 
unloaded  the  chip  business  to 
focus  on  its  core  test  and  mea¬ 
surement  operations.  Agilent  also 
agreed  to  sell  its  stake  in  LED 
display  maker  Lumileds  Lighting 
LLC  to  Philips  Electronics  NV  for 
$950  million. 


HP  to  Resell  Emulex 
Host  Bus  Adapters 

Hewlett-Packard  Co.  has  agreed 
to  resell  Emulex  Corp.  Fibre  Chan¬ 
nel  host  bus  adapters  (HBA)  with 
its  blade  servers.  Emulex  has  a 
similar  agreement  with  IBM, 
which  resells  the  storage  net¬ 
working  company’s  HBAs  with 
its  eServer  BladeCenter  servers. 
HP  also  resells  HBAs  from  Emulex 
rival  QLogic  Corp. 

Intel  Paxville  Chips 
To  Ship  Early 

Intel  Corp.  plans  to  release  its 
dual-core,  hyperthreaded  Xeon 
and  Xeon  MP  processors,  code- 
named  “Paxville,”  later  this  year. 
The  chips  were  due  to  ship  in 
2006.  Intel  said  the  move  was 
possible  because  development  is 
ahead  of  schedule.  Intel’s  hyper¬ 
threading  technology  enables  a 
single  dual-core  processor  to  run 
four  threads  at  the  same  time. 


U.K.  Updates  IT 
Procurement  Rules 

The  U.K.  has  updated  its  guide¬ 
lines  for  government  IT  procure¬ 
ment  contracts,  bringing  them 
into  line  with  European  regula¬ 
tions  that  prohibit  the  public  sec¬ 
tor  from  discriminating  against 
vendors  in  invitations  for  bids. 

The  guidelines  state  that  requests 
for  bids  for  processors,  PCs  and 
other  equipment  must  use  generic 
terms  and  not  request  specific 
brands  or  clock  speeds. 


_ NEWS 

C  ONTHEMARK 


www.computerworld.com 


HOT  TECHNOLOGY  TRENDS,  NEW  PRODUCT 
NEWS  AND  INDUSTRY  BUZZ  BY  MARK  HALL 


Sparks  Fly  as 
Electric  Grid . . . 


. . .  becomes  infrastructure  for  data  networks.  Broadband 
over  power  lines  (BPL),  the  ability  to  transmit  data, 
voice  and  video  over  standard  electrical  power  lines, 
has  long  angered  many  ham  radio  operators  who 
claim  that  BPL  interferes  with  their  ability  to  trans¬ 


mit  or  receive  signals. 

BPL  has  also  alarmed 
some,  such  as  the  As¬ 
sociation  of  Public- 
Safety  Communica¬ 
tions  Officials  Inter¬ 
national,  whose  mem¬ 
bers  depend  on  radio 
spectrum  near  BPL 
transmission  frequencies. 
And  Lawrence  Spiwak,  presi¬ 
dent  of  the  Phoenix  Center 
for  Advanced  Legal  and  Eco¬ 
nomic  Policy  Studies  in 
Washington  and  a  former 
general  counsel  at  the  FCC, 
says,  “Most  power  companies 
don’t  think  BPL  is  ready  for 
prime  time  because  they  are 
very  sensitive  about  protect¬ 


ing  grid  reliability.” 

Despite  this  wide¬ 
spread  skepticism, 

BPL  has  gotten  some 
big  boosts  lately.  The 
Federal  Communica¬ 
tions  Commission  has 
changed  its  rules  to 
“foster  broadband  de¬ 
ployment  using  the  signifi¬ 
cantly  untapped  capabilities 
of  the  nation’s  power  grid.” 
Last  month,  Google  Inc.  and 
Goldman  Sachs  &  Co.  invest¬ 
ed  $100  million  in  German¬ 
town,  Md.-based  Current 
Communications  Group  LLC, 
which  sells  BPL  gear  and 
partners  with  utility  compa¬ 
nies  to  offer  Internet  access 
over  power  lines.  And  this 
month,  the  Texas  legislature 
passed  regulations  to  encour¬ 
age  BPL,  and  the  California 
Public  Utilities  Commission 
is  considering  approving  BPL 
pilot  projects  there. 

Perhaps  most  important 
is  the  ongoing  deployment 
of  the  Current  Technologies 
LLC  unit’s  products  on 
Cinergy  Corp.’s  grid  near 
50,000  homes  in  Hamilton 
County,  Ohio.  Kathy  Meinke, 


50% 

Cinergy  BPL 
users  who 
switched  from 
cable  or  DSL. 


a  spokeswoman  for  the 
Cincinnati  utility,  says  that 
95%  of  the  “thousands  of 
users”  rate  the  Internet  ac¬ 
cess  service  as  satisfactory. 

She  adds  that  there  have  been 
no  complaints  filed  by  ham 
radio  users,  a  point  con¬ 
firmed  by  Allen  Pitts  of  the 
American  Radio  Relay 
League,  a  ham  radio  opera¬ 
tors  organization  in  Newing¬ 
ton,  Conn.  According  to  Jim 
Mollenkopf,  vice  president  of 
products  and  architecture  at 
Current  Technologies,  that’s 
because  his  company  “has 
worked  hard  not  to  use  ama¬ 
teur  radio  frequencies.”  Pitts 
acknowledges  that  Current 
“is  working  honestly  to  deal 
with  problems.  We  won’t  say 
they’re  wearing  a  white  hat, 
but  it’s  beige.”  Still,  he  re¬ 
mains  concerned  as  deploy¬ 
ment  grows. 

Such  expansion  is  likely  lat¬ 
er  this  year,  when  Current 
upgrades  its  CT  Bridge  chip 
set,  upping  performance  to  as 
much  as  lOMbit/sec.  to  each 
household  on  the  grid.  Mol¬ 
lenkopf  claims  that  utilities 
also  like  BPL  because  it  might 
be  used  for  automatic  meter 
reading  and  to  provide  house- 
by-house  load  controls. 

Pouring  cold  water 
on  IBM’s . . . 

. . .  Cool  Blue  server  technology 

is  what  Collette  LaForce  has 
in  mind.  She’s  the  vice  presi¬ 
dent  of  marketing  at  Rackable 
Systems  Inc.  in  Milpitas, 

Calif.  She  claims  that  if  you 
want  to  use  the  eServer  Rear 
Door  Heat  eXchanger  from 
IBM,  which  cools  racks  of 
steamy  x86  servers  [Quick- 
Link  55501],  “you  need  to 
make  a  major  infrastructure 
investment.”  No,  not  updated 
cabling  systems;  rather,  new 
plumbing  systems.  IBM’s  ap¬ 
proach  requires  channeling 
water  from  your  data  center’s 
air  conditioning  units,  or 
chillers,  so  that  it  can  flow 
through  the  eXchanger  and 
keep  your  Intel-based  servers 


from  over¬ 
heating.  But 
once  you, 
um,  replumb 
your  data 
center  to  ac¬ 
commodate 
IBM’s  Cool 
Blue  systems, 
they’re  stuck 
in  place,  unless  you  replumb 
the  data  center  again.  IBM 
spokesman  Tim  Willeford 
dismissed  LaForce’s  critique, 
saying,  “Most  data  centers 
have  chilled  water  directly 
above  or  below.”  But  he 
didn’t  deny  that  you’d  need  a 
plumber  to  make  changes  to 
connect  a  rack  to  your  chiller 
any  time  you  needed  to  move 
the  servers.  LaForce  argued 
that  Rackable’s  passive  cool¬ 
ing  design,  which  releases  hot 
air  through  the  center  of  the 
rack,  means  you  don’t  need  to 
consider  plumbing  when  you 
move  things  around.  But 
Willeford  insists  this  isn’t, 
ahem,  a  hot  issue  for  CIOs. 

Speaking  of  IBM . . . 

...  its  audioconference  deal 
with  Avaya  Inc.  in  Basking 
Ridge,  N.J.,  promises  to  let 
you  click  on  a  person’s  name 
and  ring  them  up  on  the 
phone  via  Avaya  Meeting 

Exchange  in 
upcoming 
releases  of 
Notes  collab¬ 
oration  tools 
and  its  Same- 
Time  instant 
messaging 
technology. 
Sean  Poulley, 
vice  presi¬ 
dent  for  busi¬ 
ness  development  at  IBM’s 
Lotus  division,  says  the  up¬ 
grade,  due  late  in  Q4  for 
SameTime  and  early  in  Q1 
2006  for  Notes,  also  lets  you 
manage  voice  functions  dur¬ 
ing  Web  conferences.  That 
little  feature  can  come  in 
handy  when  someone  is  prat¬ 
tling  on  too  long  during  your 
conference.  ©  56254 


55% 

Server  heat 
reduction 
claimed  by 
IBM  and 
Rackable 
Systems. 


POULLEY 

pushes 
clicking,  then 
chatting. 


Compliance 


ROI 

See  beyond  compliance  as  a  burden, 
a  diversion  of  capital,  a  drain  on  your 
productive  assets.  How  you  respond  to 
regulation  can  actually  enhance  your 
business  processes  and  IT  operations. 
With  IT  management  software  from 
CA,  you  automate  controls  over  business 
process  and  policy.  Enhance  the  flow  and 
security  of  information.  And  sustain 
productivity  of  your  systems  and  people 
at  higher  levels.  Over  95  percent  of  the 
Global  1000  rely  on  CA  software. 

Learn  what  the  return  on  compliance 
can  amount  to  for  your  business  at 
ca.com/compliance.  Or  call 
1-800-225-5224,  promo  code  1725. 


©  2005  Computer  Associates  International,  Inc.  (CA).  All  rights  reserved. 


10  COMPilTERWOSLD  August  22, 2005 


NEWS 


www.computerworld.com 


New  Novell  Tools  Link 
Linux,  Windows  Systems 


Upgrade  lets  users 
manage  their  PCs 
from  Linux  servers 

BY  MATT  HAMBLEN 

ovell  INC.  today 
plans  to  announce 
that  an  upgrade  of 
its  ZENworks  soft¬ 
ware  will  ship  on  Friday  with 
complete  life-cycle  manage¬ 
ment  capabilities  for  Linux 
systems  and  support  for  man¬ 
aging  Windows  PCs  from 
servers  running  Linux. 

The  ZENworks  7  Suite  was 
supposed  to  be  released  in  the 
second  quarter,  according  to  a 
road  map  that  Novell  provided 
at  its  BrainShare  user  confer¬ 
ence  in  March.  Richard  White- 
head,  Novell’s  director  of 


product  management,  said  last 
week  that  the  product  was  de¬ 
layed  because  the  company 
only  “ships  products  that  meet 
customer  needs  on  Day  1.” 

Richard  Kebo,  manager  of 
network  services  at  the  Clovis 
Unified  School  District  in 
Fresno  County,  Calif.,  said  he 
will  upgrade  to  ZENworks  7  as 
soon  as  possible,  moving  from 
ZENworks  6.5,  which  he  has 
been  running  for  the  past  nine 
months. 

The  Clovis  school  system, 
which  has  36,000  students, 
plans  to  continue  using  its 
10,000  Windows  desktops. 

But  Kebo  said  he  wants  to 
move  from  Windows  servers 
to  Linux-based  systems  and 
standardize  on  a  single  man¬ 
agement  tool  that  can  handle 


both  Linux  servers  and  Win¬ 
dows  PCs.  ZENworks  7  will 
provide  that  flexibility,  said 
Kebo,  who  has  been  beta-test¬ 
ing  the  new  software  since 
March. 

Switching  more  systems  to 
Linux  should  increase  server 
stability  and  security  and  en¬ 
able  the  school  district  to  re¬ 
duce  the  number  of  servers  it 
uses,  which  now  stands  at  200, 
he  said.  Only  a  few  of  the  ex¬ 
isting  servers  run  Linux. 

“We  want  to  minimize  our 
Windows  servers,”  Kebo  said. 
“The  Linux  servers  are  always 
up,  and  we  definitely  have 
had  problems  with  Windows 
servers.  For  some  reason,  the 
servers  would  stop  and  we 
had  to  reboot.” 

The  Clovis  schools  first 


UPGRADED  SOFTWARE 

ZENworks  7  Suite 

ADDS  centralized  system 
imaging,  configuration  lock- 
down  and  remote  management 
capabilities  for  Linux  systems. 

EXTENDS  Novell’s  policy- 
based  management  auto¬ 
mation  capabilities  to  Linux 
machines. 

Open  Enterprise 
Server,  which  puts  Novell’s 
computing  services  on  both  the 
Linux  and  NetWare  kernels. 

COSTS  S130  per  end  user. 


became  a  Novell  customer  a 
year  ago.  It  installed  Novell’s 
eDirectory  software  after  de¬ 
ciding  during  a  competitive 
evaluation  that  Microsoft 
Corp.’s  Active  Directory  didn’t 
provide  “anywhere  near”  the 
functionality  of  the  Novell 
product,  Kebo  said. 

He  also  was  impressed  by 
Novell’s  Linux  direction, 


which  over  the  past  two  years 
has  included  the  release  of  its 
NetWare  services  on  the  Lin¬ 
ux  kernel  and  the  acquisition 
of  vendors  such  as  SUSE  Lin¬ 
ux  AG  and  Ximian  Inc. 

The  Linux  management 
software  that’s  part  of  the 
ZENworks  suite  is  based  on 
Ximian’s  technology,  which 
previously  was  called  Red 
Carpet  Enterprise.  ZENworks 
7  adds  a  variety  of  features  for 
managing  Linux  systems,  such 
as  a  remote  administration 
tool  (see  chart). 

Fred  Broussard,  an  analyst 
at  IDC  in  Framingham,  Mass., 
said  the  new  version  enhances 
Novell’s  already  solid  ZEN¬ 
works  offering  by  increasing 
the  software’s  ability  to  man¬ 
age  mixed  networks  with  both 
Linux  and  Windows.  But  more 
significantly,  “it  heralds  Nov¬ 
ell’s  increasing  independence 
from  NetWare,”  which  has 
been  buffeted  by  a  persistent 
decline  in  revenue  in  recent 
years,  he  said.  ©  56303 


IBM,  Geographic  Society  Team  on 
Project  to  Trace  Human  Migration 


$40M  effort  aims 
to  collect  and 
mine  2TB  of  data 

BY  MATT  HAMBLEN 

IBM  last  week  announced  that 
it  has  begun  to  deploy  custom 
data-gathering  software  devel¬ 
oped  jointly  with  the  National 
Geographic  Society  as  part  of 
a  five-year  project  to  map  how 
the  Earth  was  populated  and 
how  tribes  and  other  groups 
may  have  migrated  through 
the  ages. 

Under  the  Genographic 
Project  initiative,  hundreds  of 
thousands  of  human  DNA 
samples  will  be  gathered 
worldwide  and  stored  in  a 
2TB  database  at  the  National 
Geographic  Society’s  head¬ 
quarters  in  Washington. 

The  project  will  be  daunting 
in  its  complexity,  said  Ajay 
Royyuru,  senior  manager  of 
IBM’s  Computational  Biology 
Center.  For  example,  blood 


samples  and  personal  informa¬ 
tion  will  be  collected  from 
more  than  100,000  indigenous 
people  by  thousands  of  re¬ 
searchers,  many  using  Linux- 
based  ruggedized  laptops 
equipped  with  fingerprint 
readers  for  security  purposes, 
Royyuru  said. 

When  the  undertaking  was 
first  detailed  in  April,  project 
director  Spencer  Wells,  an 
explorer  in  residence  at  the 
National  Geographic  Society, 
dubbed  it  the  “moonshot  of 
anthropology”  and  said  it 
was  designed  to  fill  in  gaps  in 
our  understanding  of  human 
history. 

The  data-gathering  work  is 
so  massive  that  it  poses  an  in¬ 
teresting  integration  case 
study  for  IT  managers,  said 
Peter  Rodriguez,  who  holds  a 
distinguished  engineer  title  at 
IBM.  Ten  universities  around 
the  world  will  work  together 
to  collate  and  analyze  the  data, 
but  all  had  been  using  their 


own  spreadsheets,  which  have 
now  been  unified,  he  noted. 

“We  tend  to  think  scientists 
are  very  advanced,  but  they 
are  not  necessarily  advanced 
in  the  different  ways  they  col¬ 
lect  data,”  Rodriguez  said.  “We 
see  ourselves  beating  them 


into  submission  to  play  with 
one  another.” 

At  field  labs  that  are  being 
set  up  as  part  of  the  project, 
phenotypes  from  subjects  — 
such  as  their  hair  and  skin  col¬ 
ors  —  will  be  matched  to  ge¬ 
netic  sequencing  from  blood 
samples,  Rodriguez  said.  The 
data  then  will  be  converted 
into  XML  objects  for  transmis¬ 
sion  to  the  universities  and  the 
central  database,  accompanied 
by  geographic  coordinates 


showing  where  each  partici¬ 
pant  was  interviewed. 

Royyuru  estimated  the  total 
cost  of  the  project  at  $40  mil¬ 
lion,  primarily  to  cover  years 
of  salaries  for  thousands  of  re¬ 
searchers.  But  the  software  de¬ 
velopment  process  has  posed 
challenges  from  a  data  mining 
perspective,  he  noted.  “The 
lessons  we  have  learned  are 
clearly  something  we  will 
replicate  in  other  projects,” 
Royyuru  said.  ©  56316 


mis  MAP  SHOWING  the  migration  patterns  of  early  humans  was  designed  as  a  precursor  to  the  National 
jeographic  Society's  Genographic  Project,  which  will  provide  more  detailed  data. 


All  IT  Systems 


One  Service  Team 


For  multi-vendor,  cross-platform  service  and  support,  Fujitsu  is  the  one . 


From  mainframes  to  servers,  notebooks, 
and  Tablet  PCs,  no  other  company  provides 
the  full  spectrum  of  services  to  support 
business-critical  computing  like  Fujitsu. 

In  addition  to  our  own  products,  we  support 
a  variety  of  platforms  such  as  Sun™,  IBM®, 
and  HR  plus  OS/390®,  UNIX®,  Windows® 
and  Linux  environments.  We  also  provide 
services  that  improve  the  operation 
of  your  existing  IT  investments  and 
drive  down  costs.  So,  if  it’s 
critically  important  to  a  CIO’s  IT 
infrastructure,  we  service  it. 


With  more  than  30  years  of  direct 
experience  collaborating  with  our  customers 
and  aligning  their  IT  and  business  objectives, 
we've  learned  what  it  takes  to  maintain  a 
wide  variety  of  complex,  mission-critical  IT 
environments — and  deliver  a  higher  level  of 
service,  for  multi-vendor  cross-platform 
environments.  We  provide  a  single  point  of 
contact  and  full  accountability  to 
reduce  the  complexity  and  cost  of 
support,  streamlining  operations  to 
offer  greater  business  value. 


To  learn  more  reasons  why  CIOs  entrust  their  IT  systems  to  Fujitsu,  visit 

us.fujitsu.com/computers/services  or  call  I  -800-83  I  -3  1 83. 


FUJITSU 

THE  POSSIBILITIES  ARE  INFINITE 


©2005  Fujitsu  Computer  Systems  Corporation.  All  rights  reserved.  Fujitsu,  the  Fujitsu  logo.  PRIMEPOWER,  PRIMEQUEST  and  LifeBook  are  registered  trademarks  or -trademarks  of  Fujitsu  Limited  in  the  United  States  and  other  countries.  PRIMERG  . ;  a  registe:  cb  t,  dor  •ark  of  F  *i.t* 
Siemens  Computers  GmbH  in  the  United  States  and  other  countries.  IBM  and  OS/390  are  registered  trademarks  of  IBM  Corporation  in  the  United  States,  other  countries,  or  both.  Sun  is  a  trademark  of  Sun  Microsystems,  Inc.  in  the  U.S.  and  other  countries.  UNIX  is  a  registered  u.\  U 
mark  of  The  Open  Group  in  the  United  States  and  other  countries.  Windows  is  a  registered  trademark  of  Microsoft  Corporation.  All  other  trademarks  mentioned  herein  are  the  property  of  their  respective  owners. 


12  COMPUTERWORLD  August  22, 2005 


BRIEFS 


EMC  Agrees  to 
Acquire  Rainfinity 

EMC  Corp.  has  agreed  to  purchase 
Rainfinity  Inc.,  a  network  file  vir¬ 
tualization  software  vendor,  in  a 
deal  the  company  valued  at  less 
than  SIOO  million.  Privately  held 
Rainfinity,  which  employs  60 
workers,  sells  virtualization  soft¬ 
ware  for  Windows,  Unix  and  Lin¬ 
ux  systems  to  simplify  manage¬ 
ment  and  make  it  easier  for  users 
to  perform  data  migrations. 


Sun  Misses  Ship 
Date  for  StarOffice 

Sun  Microsystems  Inc.  has  missed 
the  targeted  release  date  for  Star- 
Office  8,  according  to  its  Web 
site.  The  productivity  suite  was 
originally  slated  to  ship  last 
month,  but  Sun  acknowledged 
that  Version  8  isn’t  yet  available. 

A  Sun  spokesman  declined  to  re¬ 
veal  when  it  will  be  released.  Sun 
previewed  a  beta  release  of  Star- 
Office  8  at  the  LinuxWorld  Confer¬ 
ence  &  Expo  in  Boston  last  winter. 


AMD  Hires  IBM  Vet 
To  Run  Design  Unit 

Advanced  Micro  Devices  Inc.  has 
tapped  a  former  IBM  executive  to 
take  charge  of  its  silicon  design 
efforts.  Jeff  VerHeuI,  a  25-year 
IBM  veteran,  was  named  corpo¬ 
rate  vice  president  of  silicon  de¬ 
sign.  He  will  be  responsible  for  all 
of  the  company’s  future  comput¬ 
ing  products.  VerHeuI  had  been 
the  head  of  IBM’s  Engineering  & 
Technology  Services  unit. 


Symantec  Buys 
Sygate  Technologies 

Symantec  Corp.  has  agreed  to  ac¬ 
quire  Sygate  Technologies  Inc.,  a 
maker  of  software  that  enforces 
enterprise  network  security  poli¬ 
cies,  for  an  undisclosed  price. 
Symantec  plans  to  integrate 
Sygate’s  Enterprise  Protection 
product,  which  includes  a  firewall 
and  intrusion-prevention  soft¬ 
ware,  into  its  Symantec  Client 
Security  product. 


www.computerworid.corn 


NEWS 


Sabre  Replacing  EDI 
With  Web  Services 


Looking  to  gain 
flexibility  of  SOA 

BY  HEATHER  HAVENSTEIN 

ABRE  HOLDINGS  CORP. 
has  launched  a  project 
to  replace  its  electron¬ 
ic  data  interchange 
(EDI)  system  for  connecting 
to  airlines,  hotels  and  other 
suppliers  with  Web-services- 
based  integration. 

The  parent  company  of 
Sabre  Travel  Network,  Travel- 
ocity.com  LP  and  Sabre  Air¬ 
line  Solutions  plans  to  replace 
a  15-year-old  EDI  system  with 
Web  services  by  using  See- 
Beyond  Technology  Corp.’s 
Integrated  Composite  Appli¬ 
cation  Network  (ICAN)  suite 
as  its  integration  platform. 

Sabre  will  be  completing 
a  pilot  project  in  October  to 
connect  with  one  undisclosed 
supplier  using  Web  services, 
said  Bob  Offutt,  senior  vice 


president  and  chief  architect 
of  strategic  architecture  at 
the  Southlake,  Texas-based 
company. 

The  SeeBeyond  tools  will 
provide  business  rules  and  con¬ 
nectivity  to  replace  Sabre’s 
high-speed,  real-time  EDI 
system,  which  doesn’t  have  the 
flexibility  of  a  service-oriented 
architecture,  Offutt  added. 

Offutt  declined  to  disclose 
the  cost  of  the  project  or  the 
value  of  the  contract  with 
Monrovia,  Calif.-based  See¬ 
Beyond,  which  has  agreed  to 
be  acquired  by  Sun  Microsys¬ 
tems  Inc.  [QuickLink  55272]. 

“SeeBeyond  will  give  us  the 
ability  to  have  multiple  con¬ 
nectivity  scenarios,  depending 
on  the  flavor  and  language  of 
XML,”  he  said. 

Offutt  said  the  company  has 
begun  discussions  with  other 
suppliers  in  the  U.S.  and  the 
U.K.  for  rolling  out  the  tools. 

At  many  sites,  Web  services 


PRODUCT  FEATURES 

SeeBeyond's 
ICAN  Suite 

Provides  core  integration, 
including  system  connectivity, 
guaranteed  messaging  and 
transformation. 

Orchestrates  and  automates 
complex  business  processes 
and  workflow. 

Automates  business-to- 
business  Interactions. 

Generates  business-activity 
applications  to  monitor 
performance. 


adoption  is  being  driven  by 
companies  looking  to  replace 
expensive  EDI  transactions, 
said  Anne  Thomas  Manes,  an 
analyst  at  Burton  Group  in 
Midvale,  Utah. 

“It  is  a  much  less  expensive 
pipe,  and  it  gives  you  more 
flexibility  for  the  types  of  mes¬ 


sages  you  can  send  and  opera¬ 
tions  you  can  perform,”  she 
said.  “A  business-to-business 
connection  that  used  to  take 
two  months  to  set  up  with  EDI 
can  be  set  up  in  a  couple  of 
hours  with  Web  services.” 

Sabre  also  plans  to  use 
the  ICAN  tools  internally  to 
orchestrate  Web  services  as  it 
continues  an  effort  started  five 
years  ago  to  migrate  applica¬ 
tions  from  its  IBM  mainframe 
to  distributed  systems. 

The  company  has  already 
used  Web  services  to  extract 
business  logic  and  data  from 
its  mainframe  for  hotel  and 
domestic  airline  reservations. 

But  it  will  need  the  orches¬ 
tration  tools  for  its  core  travel¬ 
packaging  application,  which 
allows  users  to  book  airline, 
hotel  and  rental  car  reserva¬ 
tions  at  the  same  time.  This 
core  application  still  resides 
on  the  mainframe. 

With  reusable  Web  services, 
Sabre  has  quickly  created  a 
new  shopping-cart  application 
and  built  a  managed  inventory 
product  that  gives  airlines 
more-sophisticated  options  to 
manage  seat  prices  to  create 
the  highest  yield,  Offutt 
1  added.  ©  56322 


JBoss  Program  Aims  to  Ease 
Migrations  From  WebLogic 


BY  HEATHER  HAVENSTEIN 

JBoss  Inc.  last  week  introduced 
a  program  it  hopes  will  entice 
more  companies  to  use  open- 
source  application  server 
software. 

Through  its  new  JBoss  Mi¬ 
gration  Program,  the  Atlanta- 
based  company  aims  to  provide 
assessments,  methodologies 
and  tools  to  help  customers 
move  software  from  commer¬ 
cial  application  servers  to  the 
open-source  JBoss  software. 

The  first  iteration  of  the 
program  targets  companies 
looking  to  migrate  from  BEA 
Systems  Inc.’s  WebLogic  ap¬ 
plication  server  to  JBoss,  said 
Joe  McGonnell,  director  of 
marketing  at  JBoss. 

The  company  plans  to  tailor 
the  program  for  migrations 
from  IBM’s  WebSphere  offer¬ 


ing  in  the  future,  he  added. 

The  JBoss  program  targets 
companies  like  NLG  Inc.,  a 
Woburn,  Mass.-based  travel 
company  that  plans  to  migrate 
a  mission-critical  application 
from  WebLogic  to  JBoss  over 
the  next  10  months. 

Jamie  Cash,  NLG’s  vice 
president  of  technology,  said 
he  would  likely  use  such  a 
migration  program  to  move 
the  application.  Two  years  ago 
NLG  migrated  a  legacy  green- 
screen  booking  reservation 
system  to  JBoss,  and  the  com¬ 
pany  calculated  that  it  saved 
$1  million  in  licensing  fees  by 
not  using  a  commercial  appli¬ 
cation  server,  Cash  said. 

NLG  initially  had  concerns 
about  JBoss’  long-term  perfor¬ 
mance,  but  Cash  said  the  ap- 
I  plication  has  performed  “ex¬ 


tremely  well”  since  its  instal¬ 
lation.  Fears  that  JBoss  would 
make  changes  that  would  re¬ 
quire  NLG  to  rework  its  appli¬ 
cation  have  also  proved  to  be 
unfounded  so  far,  Cash  said. 

Ahead  of  the  Curve 

CitiStreet  LLC,  a  Quincy, 
Mass.-based  benefits  provider, 
tapped  JBoss  as  its  application 
server  standard  for  all  new 
projects  more  than  a  year  ago, 
prior  to  the  availability  of  mi¬ 
gration  tools,  said  CIO  Barry 
Strasnick. 

The  company  began  a  mi¬ 
gration  from  WebLogic  to 
JBoss  18  months  ago  and  has 
now  moved  all  of  its  mission- 
critical  applications  to  the 
open-source  server. 

“We  had  a  need  to  dramati¬ 
cally  increase  the  hardware 
resources  available  to  our 
J2EE  layer,  and  do  it  quickly,” 
Strasnick  said.  “BEA  had  what 
we  considered  to  be  excessive 
licensing  costs  in  order  to 


support  these  increased 
resources.” 

With  JBoss,  the  company 
has  better  scalability,  availabil¬ 
ity  and  support,  he  added. 

Shawn  Willett,  an  analyst  at 
Current  Analysis  Inc.  in  Ster¬ 
ling,  Va.,  said  companies 
switching  from  commercial 
application  servers  to  JBoss 
usually  migrate  because  of 
lower  licensing  costs,  especial¬ 
ly  now  that  the  basic  J2EE  lay¬ 
er  has  become  a  commodity. 

However,  he  noted  that 
commercial  application 
servers  still  have  the  edge  in 
terms  of  high-end  features  for 
availability  and  management. 

In  related  news,  a  group  of 
vendors,  including  Infravio 
Inc.,  Sonic  Software  Corp., 
Iona  Technologies  PLC  and 
WS02,  this  week  will  an¬ 
nounce  an  incubator  project 
to  develop  an  open-source 
enterprise  service  bus  as  an 
Apache  Software  Foundation 
project.  ©  56333 


Samsung  displays.  Turn  business  on 


The  Samsung  242 MP  display.  Explore  more  of  what’s  out  there,; 

One  look  and  you’ll  see  how  the  combination  of  a  computer  display,  a  television  and  ai 
can  become  your  ultimate  source  of  knowledge.  And  why  Samsung  is  the  leading  disf 
brand  in  the  world.*  So  when  you're  serious  about  business,  turn  on  a  Samsung.  And 
yourself  on  to  a  whole  new  way  of  seeing  things,  www.samsung.com/monitor 

©2005  Samsung  Electronics  America,  Inc.  Samsung  is  a  registered  trademark  of  SamsungSectrgnics  Cor..  Ltd.  ;  ,;r  L". 

Screen  images  simulated.  “Global  market  share  leader  based  on  2004  tSuppii  Corporation  Rating  ■  . 


mmmrnmmsMmmM  .iwnw 


14 


COMPUTERWORLD  August  22, 2005 


NEWS 


www.computerworld.com 


::  GLOBALOISPATCHES 


An  International 

IT  News  Digest 


Component  Costs  Rise, 
But  PC  Prices  Won’t 

TAIPEI 

osts  are  on  the  rise  for  several 
types  of  PC  components,  includ¬ 
ing  memory  chips  and  LCD 
screens,  because  of  high  demand. 
That’s  a  concern  for  procurement 
managers  at  PC  makers  such  as  Dell 
Inc.  and  Hewlett-Packard  Co.,  but  ana¬ 
lysts  said  IT  buyers  should  have  little 
to  fear  from  the  increases. 

Prices  of  the  most  widely  used  com¬ 
puter  memory  components,  256Mbit 
double  data  rate  chips  that  run  at  400 
MHz,  could  reach  $3  per  chip  by  the 
end  of  this  month,  up  27%  from  June, 
according  to  iSuppli  Corp.,  a  market 
research  firm  in  El  Segundo,  Calif.  In 
addition,  the  price  of 
notebook-size  LCDs  rose 
6%  over  the  past  two 
months,  iSuppli  said. 

Llowever,  IT  buyers 
probably  won’t  see  any  in¬ 
creases  in  the  prices  they 
pay  for  PCs,  said  Bryan 
Ma,  an  analyst  at  IDC’s  of¬ 
fice  in  Singapore.  PC 
prices  remain  on  a  down¬ 
ward  spiral,  and  little  is 
going  to  change  that,  he 


said.  When  component  prices  rise,  PC 
makers  typically  reconfigure  their  sys¬ 
tems  to  keep  costs  down,  Ma  added. 

■  DAN  NYSTEDT,  ID6  NEWS  SERVICE 


Swiss  Bank  Signs  Deal 
For  Dell  PCs,  Support 

Ubs  AG,  a  Zurich-based  banking 
group,  has  signed  a  four-year 
contract  with  Dell  to  replace  and 
manage  more  than  30,000  desktop  and 
notebook  computers  at  UBS  branches 
around  the  world.  The  deal,  which  Dell 
announced  last  week,  is  worth  more 
than  $50  million  (U.S.),  according  to 
a  spokesman  for  the  IT  vendor. 

“By  standardizing  the  PC  infrastruc¬ 
ture  worldwide,  we  can  achieve  a  sub¬ 
stantial  cost  reduction,” 
Scott  Abbey,  chief  tech¬ 
nology  officer  at  UBS, 
said  in  a  statement. 

Dell  said  it  will  provide 
an  array  of  managed  ser¬ 
vices  to  UBS,  including 
installation,  technical 
support  and  asset  man¬ 
agement;  it  will  also 
migrate  the  bank  to  the 
Windows  XP  operating 
system.  The  new  comput¬ 


ers  —  Dell  OptiPlex  GX280  desktops 
and  Latitude  D410  and  D610  notebooks 
—  will  be  manufactured  to  UBS’s  spec¬ 
ifications  and  delivered  with  a  set  of 
customized  applications  installed. 


$500M  Project  to  Boost 
Broadband  in  West  Africa 

LUSAKA,  ZAMBIA 

new  YORK  company  founded  by 
a  group  of  Africans  and  African- 
Americans  plans  to  develop  a 
fiber-optic  network  that  will  provide 
high-speed  Internet  access  in  West 
Africa  and  ultimately  connect  that 
region  to  Europe,  the  U.S.  and  Asia, 
officials  said  last  week. 

The  $500  million  project  is  being 
undertaken  by  the  New  York-based 
Infinity  Worldwide  Telecommunica¬ 
tions  Group  of  Companies  (IWTGC). 
The  fiber-optic  installation  will  com¬ 
pete  directly  with  the  existing  SAT-3 
transcontinental  network,  which  is 
owned  by  a  consortium  of  36  national 
telecommunications  companies. 

Initially,  the  IWTGC’s  undersea 
cable  will  run  from  Portugal  to 
Cameroon  along  the  coast  of  West 
Africa  and  link  Nigeria,  Benin,  Liberia, 
Senegal,  the  Ivory  Coast  and  Ghana. 
The  goal  is  to  have  the  new  network 
operational  by  2008.  ©  56289 
■  MICHAEL  MALAKATA,  IDG  NEWS  SERVICE 


Compiled  by  Mitch  Betts. 


Briefly  Noted 

Novell  Inc.  and  China  Standard 
Software  Co.  (CS2C),  building  on 
a  partnership  formed  in  April,  an¬ 
nounced  last  week  that  they  will 
jointly  develop  Linux-based  server 
and  desktop  software  aimed  at  the 
Chinese  market.  CS2C  is  a  Shang¬ 
hai-based  software  vendor  that  was 
founded  in  2003. 

■  JOHN  BLAU,  IDG  NEWS  SERVICE 


HP  last  week  announced  a  free  IT 
hardware  recycling  service  for  busi¬ 
ness  customers  across  much  of  Eu¬ 
rope,  in  accordance  with  the  Euro¬ 
pean  Union’s  new  Waste  Electrical 
and  Electronic  Equipment  directive. 
The  directive  makes  vendors  re¬ 
sponsible  for  taking  back  and  recy¬ 
cling  electrical  equipment. 

■  JAMES  NICC0LAI,  IDG  NEWS  SERVICE 


Covansys  Corp.,  an  IT  services  and 
outsourcing  firm  based  in  Farming- 
ton  Hills,  Mich.,  last  week  inaugu¬ 
rated  a  global  development  center 
in  Bangalore,  India,  to  accommo¬ 
date  its  growing  offshore  business. 
The  center  consolidates  multiple 
Bangalore  offices  in  one  building 
and  has  the  capacity  for  2,200  IT 
workers,  Covansys  said. 


GLOBAL  FACT 


Number  of  cellular  users 
worldwide  this  year, 
which  is  projected  to 
increase  to  2.5  billion 
by  the  end  of  2010, 

Source:  Strategy  Analytics  Inc., 
Newton,  Mass. 


Gas  Price  Increases  Spur 
Interest  in  Telecommuting 


BY  MATT  HAMBLEN 
AND  PATRICK  THIBODEAU 

As  gasoline  prices  spiked  last 
week  by  10  to  20  cents  per  gal¬ 
lon  around  the  country,  corpo¬ 
rate  managers  said  there’s  a 
renewed  interest  by  employ¬ 
ees  in  telecommuting  from 
home  via  computer  and 
broadband  to  avoid  lengthy 
and  expensive  drives  to  work. 

IT  executives  last  week  said 
any  sizable  boost  in  telecom¬ 
muting  won’t  require  signifi¬ 
cant  new  spending  or  inconve¬ 
nience  for  their  operations. 

The  executives  noted  that 
widely  used  technologies  such 
as  Web  collaboration  tools 
should  help  ease  problems 
faced  by  new  home  workers. 


In  addition,  broadband  con¬ 
nections  are  becoming  so 
commonplace  that  IT  should 
have  little  problem  helping 
teleworkers  gain  access  to  a 
big  pipe  running  a  virtual  pri¬ 
vate  network  (VPN)  and  to  big 
files  stored  on  corporate 
servers,  managers  said. 

In  fact,  “telecommuting  isn’t 
a  technology  challenge  as 
much  as  a  cultural  challenge,” 
said  Skip  Snow,  an  IT  executive 
at  a  major  financial  institution 
he  asked  not  to  be  identified. 

“The  problems  with  tele¬ 
commuting  don’t  have  as 
much  to  do  with  technology 
and  tools  as  with  whether  a 
worker  or  manager  will  work 
as  well  with  a  guy  on  the 


phone  as  compared  with  the 
guy  in  the  next  office,”  said 
Snow,  who  telecommutes  be¬ 
cause  he  lives  a  long  distance 
from  his  job. 

Snow  said  he  can  work  on 
any  computer  virtually  any¬ 
where  using  a  smart-card 
equivalent  for  a  password  and 
a  company  portal. 

Teleworkers  at  General 
Electric  Co.’s  GE  Energy  divi¬ 
sion  in  Atlanta  must  have  ac¬ 
cess  to  a  broadband  connec¬ 
tion  to  access  the  company’s 
VPN.  The  GE  unit  also  uses  a 
third-party  hosting  service  for 
telecommuters  that  lets  mo¬ 
bile  workers  connect  to  inter¬ 
nal  corporate  systems  via  a 
Web  browser  when  they  are 
in  airports  and  other  places, 
said  Larry  Tardell,  Southeast 
infrastructure  operations 
leader  at  GE. 

The  GE  Energy  division, 
which  supplies  home  comput- 


H  Telecommut¬ 
ing  isn’t  a 

technology  challenge 
as  much  as  a  cultur¬ 
al  challenge. 

SKIP  SNOW,  IT  EXECUTIVE  AT  A 
MAJOR  FINANCIAL  INSTITUTION 

ers  and  a  broadband  connec¬ 
tion  to  telecommuters,  has  cut 
its  office  workstation  require¬ 
ments  by  50  systems. 

Each  such  system  costs  the 
company  about  $15,000  a  year 
in  real  estate  and  related  costs, 
so  the  annual  savings  can  be 
significant,  said  Kate  Lee, 
manager  of  community  affairs. 

Snow  said  that  as  real  estate 
expenses  rise,  the  corporate 
costs  of  supporting  telecom¬ 
muters  might  become  insignif¬ 
icant  to  corporate  budget 
makers.  “It’s  not  expensive  to 


telecommute,”  he  said. 

And  large  companies  might 
find  it  advantageous  to  have 
workers  telecommute  to  better 
distribute  the  workforce  and 
lessen  the  impact  of  a  potential 
catastrophe  at  a  central  facility. 

The  biggest  concerns  in  set¬ 
ting  up  effective  telework  pro¬ 
grams  have  been  over  proper 
supervision  of  workers  and 
ensuring  that  home  systems 
are  secure,  managers  said. 

Jane  Franklin,  a  special  proj¬ 
ects  coordinator  overseeing 
telework  and  van  pooling  at 
Georgia  Power  in  Atlanta,  said 
about  475  teleworkers  must  ad¬ 
here  to  a  set  of  guidelines  for 
telework.  The  guidelines  sub¬ 
ject  workers  who  introduce  a 
virus  into  the  company  net¬ 
work  to  having  remote  access 
disabled  for  two  days.  Once 
a  worker  introduces  a  third 
virus,  his  remote  access  is  per¬ 
manently  disabled.  ©  56334 


‘  ij  m  ,'r  *  •; 


*wniw»mwiiW8  mi 


services. 


•  .. 


s~ 

1 

HI 

k«gfl 

1 

„  MMMMM 

5^3 

|ii  I— *1— i— 


ie 


CGMPUTERWORLD  August  22, 2005 


NEWS 


www.computerworld.com 


Continued  from  page  1 

Hackers 

systems  administrator  at  the 
Waukegan,  Ill-based  distribu¬ 
tor  of  packing  and  shipping 
materials. 

The  Windows  2000  bugs 
caused  infected  systems  to 
restart  repeatedly  and  could 
allow  remote  attackers  to  take 
control  of  compromised  sys¬ 
tems.  According  to  vendors  of 
antivirus  software,  the  mal¬ 
ware  targeted  only  older,  Win¬ 
dows  2000-based  systems. 

Although  none  of  those  11  or 
so  worms  are  considered  par¬ 
ticularly  serious  by  most  secu¬ 
rity  experts  (see  story  at 
right),  they  serve  as  a  sobering 
illustration  that  hackers  can 
take  advantage  of  new  flaws 
before  many  companies  can 
patch  them,  said  John  Pironti, 
a  principal  security  consultant 
at  Unisys  Inc.  in  Blue  Bell,  Pa. 


About  15  IT  staffers  at  Delaware 
Investments  Inc.  had  to  work 
late  into  the  night  last  Tuesday  to 
patch  Windows  2000  systems 
so  that  Zotob  and  the  other  new 
worms  wouldn’t  wreak  havoc 
on  the  company’s  business  op¬ 
erations. 

But  more  commonly,  Win¬ 
dows  2000  users  who  respond¬ 
ed  to  a  random  e-mail  poll  con¬ 
ducted  by  Computerworld  re¬ 
ported  no  impact,  thanks  to  dili¬ 
gent  preventive  patching  of  their 
systems  or,  in  some  cases, 
emergency  fixes.  Only  three  of 
20  respondents  said  their  com¬ 
panies  felt  some  effects  from  the 
string  of  worms  targeting  un¬ 
patched  PCs  and  servers. 

Jeff  Goldman,  a  systems  ad¬ 
ministrator  at  Philadelphia- 
based  Delaware  Investments, 
said  the  Lincoln  National  Corp. 
subsidiary  was  affected  for  a 
short  period  of  time  but  man¬ 
aged  to  stop  the  worms  and  ap¬ 
ply  the  necessary  patches  with 
no  downtime  for  its  operations. 
Thankfully,  not  much  business 
was  disturbed,”  Goldman  said. 

In  the  wake  of  the  attacks, 
Delaware  Investments  plans  to 


Worm  Wave 


*  Eleven  worms  were  un¬ 
leashed  last  week,  taking  ad¬ 
vantage  of  a  flaw  in  a  plug-and- 
play  component  of  the  Windows 
2000  operating  system. 

■  Worm  variants  were  based 
on  three  families:  Zotob,  Bozori 
and  Ircbot. 

■  They  caused  infected 
machines  to  restart  repeatedly. 

s  Previously  patched  systems 
were  unaffected  by  the  worms. 


“I  think  these  attacks  show 
that  there  is  still  a  fair  bit  of  la¬ 
tency”  between  patch  release 
and  deployment  in  a  lot  of 
companies,  agreed  Fred  Rica, 
a  partner  at  Pricewaterhouse- 
Coopers  in  New  York. 

“Hackers  have  adopted  new 
attack  techniques,”  Pironti 
said.  “Instead  of  going  out  and 
looking  for  vulnerabilities  on 


make  buying  software  that  will 
help  with  the  deployment  of 
patches  a  top  priority,  he  added. 
IT  staffers  had  already  evaluated 
several  products,  including  Mi¬ 
crosoft’s  Windows  Server  Up¬ 
date  Services  and  BMC  Soft¬ 
ware  Inc.’s  Marimba  tools.  Now 
the  company  is  “willing  to  spend 
whatever  is  necessary  to  make 
sure  this  doesn’t  happen  again,” 
Goldman  said. 

Roger  Wilding,  a  senior  tech¬ 
nical  engineer  at  a  global  ship¬ 
ping  and  supply  chain  services 
firm  that  he  asked  not  be  identi¬ 
fied,  said  his  company’s  IT  staff 
uses  Microsoft’s  Systems  Man¬ 
agement  Server  software  to  de¬ 
ploy  patches.  That  has  helped 
the  company  ensure  that  most  of 
its  systems  have  Microsoft’s  lat¬ 
est  security  fixes  and  software- 
update  service  packs,  he  added. 

“You  need  to  build  your  infra¬ 
structure  to  support  continual 
patching  of  systems,  regardless 
of  the  operating  system,”  Wild¬ 
ing  said. 

Neville  Teagarden,  CIO  at  Pro- 
Logis,  a  real  estate  investment 
trust  in  Aurora,  Colo.,  said  auto¬ 
mated  antivirus  and  software 


their  own,  they  are  waiting  for 
patches  to  be  released  to  see 
what  holes  are  being  fixed.” 
Then  they  go  after  those  holes 
as  quickly  as  they  can,  he  said. 

The  trend  could  leave  many 
companies  dangerously  ex¬ 
posed,  especially  large  ones 
that  typically  test  and  analyze 
patches  before  deploying 
them,  Pironti  said. 

“They  have  to  assume  that 
they  are  going  to  be  vulnera¬ 
ble  to  attack  from  the  moment 
a  patch  is  out,”  he  said.  “They 
need  to  have  countermeasures 
in  place  while  the  patches  are 
tested”  and  deployed. 

Enterprises  should  look  at 
implementing  the  equivalent 
of  the  color-coded  threat  sys¬ 
tem  used  by  the  U.S.  Depart¬ 
ment  of  Homeland  Security 
when  dealing  with  newly  dis¬ 
closed  flaws,  said  Dave  Jordan, 
chief  information  security  offi¬ 
cer  for  the  government  of  Ar¬ 
lington  County,  Va.  Once  new 


update  tools  from  Altiris  Inc.  that 
the  company  deployed  during 
the  past  year  have  also  helped  it 
to  avert  major  security  problems. 

Typically,  patches  are  auto¬ 
matically  fed  into  a  test  environ¬ 
ment.  But  Teagarden  said  that 
based  on  the  risks  posed  by  Zo¬ 
tob,  ProLogis  decided  to  shorten 
its  test  cycle  and  immediately 
deploy  Microsoft’s  patch. 

Likewise,  Kindred  Healthcare 
Inc.  in  Louisville,  Ky.,  made  an 
emergency  deployment  of  the 
patch  to  its  servers  last  Tuesday 
night,  said  Rob  Rhodes,  a  tech¬ 
nical  consultant  at  the  company. 
Kindred  had  already  patched  “a 
high  percentage”  of  its  desktops 
before  the  worms  were  released, 
he  said. 

The  worms  attacked  systems 
at  13  of  DaimlerChrysler’s  23 
North  American  manufacturing 
and  assembly  plants,  according 
to  spokesman  Dave  Elshoff.  Pro¬ 
duction  disruptions  ranged  from 
five  to  50  minutes,  Elshoff  said. 
The  automaker  is  still  assessing 
the  damage  from  the  worms  but 
should  be  able  to  easily  make  up 
the  lost  work,  he  added. 

-  Carol  Sliwa 


flaws  are  disclosed,  Jordan  said, 
IT  security  personnel  “should 
conduct  business  differently 
than  they  would  day  to  day.” 
They  need  to  implement  coun¬ 
termeasures  as  soon  as  possible 
to  mitigate  risk,  he  said. 

Measures  can  include  con¬ 
ducting  thorough  threat  analy¬ 
sis,  gaining  an  understanding 
of  specific  risks  of  new  flaws, 
shutting  down  systems  where 
possible,  blocking  access  to  af¬ 
fected  ports  and  using  intru¬ 
sion-detection  and  -prevention 
systems  to  monitor  for  unusu¬ 
al  activity  and  network  behav¬ 
iors,  security  experts  said. 

A  vast  majority  of  worms 
and  viruses,  including  those 
launched  this  week,  use  com¬ 
mon  methods  and  take  advan¬ 
tage  of  common  flaws  —  such 
as  buffer  overflows  —  to  attack 
vulnerable  systems,  said  Thor 
Larholm,  a  senior  security  re¬ 
searcher  at  PivX  Solutions  Inc. 
in  Newport  Beach,  Calif. 

Instead  of  relying  solely  on 
patches  to  fix  every  new  flaw, 
it’s  better  to  address  some  com¬ 
mon  underlying  vulnerabili¬ 
ties,  he  said.  “There  are  multi¬ 
ple  ways  to  protect  against 
entire  classes”  of  vulnerabili¬ 
ties  without  having  to  apply 
patches  for  each  one,  he  said. 

PivX  is  one  of  several  ven¬ 
dors,  including  Immunix  Inc. 
and  eEye  Digital  Security,  that 
sell  tools  to  repair  generic 
buffer  overflows  in  the  ab¬ 
sence  of  vendor  patches. 

“About  90%  of  the  worms 
out  there  can  be  mitigated  just 
by  hardening  your  systems,” 
Larholm  said.  For  instance,  dis¬ 
abling  so-called  null-session 
accounts,  which  are  enabled  by 
default  on  Windows  2000  sys¬ 
tems,  would  have  prevented 
this  week’s  worms  from  taking 
advantage  of  the  plug-and-play 
flaw,  though  it  is  not  always 
practical,  he  said.©  56329 


Carol  Sliwa  contributed  to 
this  story. 


MORE  ON  THIS  TOPIC 

In  this  issue:  Neither  vendors  nor  users 
have  learned  their  lesson  about  worms, 
says  Frank  Hayes.  Page  46 

Online:  Read  full  coverage  of  IT  security 
issues  on  our  Web  site: 

QuickLink  k16Q0 
www.computerworld.com 


Win  2k  Bugs 
Called  ‘Routine’ 

Despite  the  media  frenzy,  none 
of  last  week's  slew  of  worms 
targeting  a  Windows  2000  vul¬ 
nerability  was  all  that  unusual  or 
serious,  security  experts  said. 

“We  would  not  characterize 
this  as  a  widespread  problem. 
The  worms  were  similar  in  na¬ 
ture  to  worms  we  routinely  see 
on  the  Internet,”  said  Debbie 
Fry  Wilson,  director  of  Micro¬ 
soft’s  Security  Response  Center. 

“There  was  nothing  unusual 
about  the  exploit  code  or  the 
type  of  worms  created,”  she 
said.  “The  difference  here  was 
that  you  had  an  unusual  num¬ 
ber  of  media  outlets  that  were 
impacted,”  resulting  in  a  lot  of 
publicity.  The  bug  hit  outlets 
such  as  CNN,  The  New  York 
Times  and  ABC  News. 

Similar  worms  are  spread  “all 
the  time,”  noted  Ero  Carrera,  a 
virus  researcher  at  F-Secure 
Corp.  in  Helsinki,  Finland. 

“There  was  no  major  new  trend 
or  techniques  that  made  these 
worms  particularly  virulent.” 

No  estimates  were  available 
late  last  week  on  the  extent  of 
the  damage  caused  by  the 
worms,  though  most  antivirus 
vendors  assessed  the  worms 
as  medium-  to  low-risk  threats. 

Trend  Micro  Inc.  rated  two  of 
10  of  the  worms  as  a  medium 
risk,  while  the  rest  garnered  a 
low-risk  rating.  Rival  antivirus 
vendor  McAfee  Inc.  pegged 
only  one  of  10  on  its  list  as 
medium  risk,  with  the  rest  said 
to  be  low  risk. 

Even  so,  it  would  be  a  mis¬ 
take  to  underestimate  all  the 
worms,  warned  an  advisory 
from  security  vendor  Arbor  Net¬ 
works  Inc.  in  Lexington,  Mass. 

“Arbor  Networks  has  re¬ 
ceived  calls  from  a  number  of 
large  companies  that  have 
been  devastated  by  Zotob," 
one  of  last  week’s  Windows 
2000  worms,  the  advisory 
said.  The  appearance  of  sever¬ 
al  Zotob  variants,  including  one 
that  spreads  via  e-mail,  could 
portend  problems  for  compa¬ 
nies,  Arbor  warned. 

-  Jaikumar  Vijayan 


Patching  Efforts  Help  Users  Fend  Off  Worms 


HP  ProLiant 
ML310G2  SERVER 


Intel®  Pentium®4  Processor  (3GHz,  800MHz) 
1GB  Total  PC3200  DDR  ECC  SDRAM 
(2)  80GB  SATA  Hard  Drives^ 

5U  Tower  with  optional  rack  kit 
Hardware  limited  warranty,  1-year  parts, 
1-year  labor,  1-year  next-business-day 
on-site  support 


HP  Storage  Works  DAT  40 
USB  INTERNAL  TAPE  DRIVE 


SUDDENLY  YOU  CAN  APPRECIATE 
MICROMANAGERS. 


Finally  a  micromanager  you  want  around:  the  powerful  and  reliable  HP  ProLiant  ML310  G2  server.  Loaded  with 
HP-developed  manageability  features  and  powered  by  the  Intel5’  Pentium5  4  Processor,  the  ML310  is  designed  to  minimize 
maintenance  and  maximize  productivity.  Just  pop  in  the  SmartSfart  CD  to  walk  you  through  installation  and  get  your 
system  up  and  running.  HP  Systems  Insight  Manager  will  monitor  your  system  and  alert  you  to  potential  problems 
before  they  arise.  Then  leave  it  be— the  optional  remote  management2  tools  let  you  keep  track  of  your  server  no 
matter  where  you  are.  And,  for  a  fast,  easy  backup  solution,  bundle  it  with  the  all-new  HP  StorageWorks  DAT  40  USB 
internal  tape  drive.  Just  another  reliable  solution  from  the  HP  Smart  Office  Portfolio. 


SMART  ADVICE  >  SMART  TECHNOLOGY  >  SMART  SUPPORT 


Three-year  Care  Pack 

Add  three  years,  next-business-day  on-site  support  for  $199 

Visit  our  Web  site  to  download  a  free  guide: 

Getting  Started  with  HP  Systems  Insight  Manager. 


Call  1-888-291-0364 
Click  hp.com/go/ML330mag2 
Contact  your  local  reseller 


i 


Prices  shown  are  HP  Direct  prices;  reseller  and  retail  prices  may  wary.  Prices  shown  are  subject  to  change  and  do  not  include  applicable  state  and  local  taxes  or  shipping  to  recipient’s  address.  Offers  cannot  be  combined  with  any  other  offer  or  discount,  are  good  while  supplies  last  and  are  available  from  HP  Direct 
and  participating  HP  resellers.  All  featured  offers  available  in  U.S.  only.  Savings  based  on  HP  published  list  price  of  configure-to-order  equivalent  ($1 ,427  •  $358  instant  savings  =  $1 ,069).  Certain  warranty  restrictions  and  exclusions  may  apply.  For  complete  warranty  details,  call  1  -800-345-1 518  (U  S  ).  1 .  For  hard 
drives,  GB=billion  bytes.  2.  Optional  Remote  Insight  Lights-Out  Edition  II  (RIL0E II).  Intel,  Intel  Inside,  the  Intel  Inside  Logo  and  Intel  Pentium  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  ©2005  Hewlett-Packard  Development  Company,  L.P. 


powered  bycisco. 

A  hotel  in  Tokyo.  A  layover  in  London.  A  cafe  in  Sao  Paulo. 

Perfect  places  for  worms  and  spyware  to  find  their  way  to  your  business. 

Enter  the  Cisco  Self-Defending  Network  with  Network  Admission  Control 
It  adapts  to  new  breeds  of  threats  as  they  are  hatched  and  stops  attacks 
before  they  do  harm.  Automatically.  Proactively.  Instinctively. 

Learn  how  self-defending  networks  are  securing  business  at 
cisco.com/poweredby. 


Cisco  Systems 


- 


www.computerworld.com 


NEWS 


COMPUTERW0RLB  August  22, 2005  II 


Make  sure  you  get  the  latest 
in  network  services  by  looking 
for  the  Cisco  Powered  logo. 
From  managed  business  voice 
to  managed  security  and  virtual 
private  networks,  this  logo 
means  the  service  is  delivered 
over  a  network  built  end-to-end 
with  Cisco  equipment — which 
meets  the  highest  standards  for 
performance  and  reliability. 

' 

To  find  a  Cisco-recommended 
service  provider  or  to  download 
the  Cisco  Guide  to  Buying 
Managed  Network  Services, 
gotocisco.com/cpn. 


Southern  Burger  Chain  Beefs  Up 
Wi-Fi  Access  to  All  243  Stores 


Krystal  says  the  service 
has  attracted  new 
customers  to  restaurants 

BY  TODD  R.  WEISS 

A  year  after  offering  free  wireless  In¬ 
ternet  access  to  customers  in  52  com¬ 
pany-owned  restaurants  in  the  South, 
The  Krystal  Co.  hamburger  chain  has 
expanded  the  service  to  all  243  of  its 
locations. 

The  free  Wi-Fi  service  is  bringing  in 
new  customers  and  has  improved  in¬ 
ternal  communications  for  Krystal’s 
own  mobile  workers,  said  David  Reid, 
CIO  at  the  Chattanooga,  Tenn.-based 
company.  Krystal  began  the  service  in 
52  restaurants  in  June  2004. 

The  deployments  were  completed 
last  month  in  company-owned  restau¬ 
rants  in  12  states. 

The  service  is  attracting  new  cus¬ 
tomers,  Reid  said,  though  the  evidence 
so  far  is  only  anecdotal.  Based  on  cus¬ 
tomer  interviews,  “we  know  for  a  fact 
that  there  are  people  who  come  here  to 
Krystal  just  for  the  hot  spots,”  he  said. 

Records  of  IP  and  media  access  con¬ 
trol  addresses  that  have  accessed  the 
network  show  that  about  1,000  wire¬ 


less  computers  have  used  the  free 
Wi-Fi  network,  Reid  said. 

Krystal’s  mobile  workers  have  bene¬ 
fited  from  the  wireless  system  while 
on  the  road.  “It  has  made  our  work¬ 
force  so  much  more  efficient,”  Reid 
said.  “We’re  seeing  huge  gains  in  our 
own  productivity  and  our  communica¬ 
tions.  If  the  customers  find  it  benefi¬ 
cial,  then  that’s  just  gravy.” 

When  the  Wi-Fi  service  was  pro¬ 
posed,  the  company  quickly  chose  to 
provide  it  for  free,  Reid  said.  “It’s  so 
simple  to  provide  free  wireless,  and  it’s 
incredibly  complicated  to  charge  for 
it,”  he  noted. 

Krystal  HotSpots  use  a  broadband 
Internet  connection  that  allows  up  to 
32  users  to  simultaneously  access  the 
802.11b  network. 

Ken  Dulaney,  a  wireless  analyst  at 
Gartner  Inc.  in  Stamford,  Conn.,  said 
Wi-Fi  is  often  being  used  by  compa¬ 
nies  to  “attract  people  to  hang  around,” 
potentially  generating  additional  sales. 

“More  and  more  organizations  are 
doing  it.  They’ve  got  the  broadband  in 
there  for  their  own  use”  and  are  able  to 
expand  it  for  the  use  of  customers,  Du¬ 
laney  said.  “It’s  more  mainstream  than 
two  years  ago.”  O  56286 


©2005  Cisco  Systems.  Inc.  All  rights  reserved. 


when  you  decide 
on  the  service, 
this  logo  will 
help  you  decide 
on  a  provider. 


mv 


Analytics  Push  Helps  Siebel  Win  Sierra  Health  Deal 


BY  STACY  COWLEY 

Siebel  Systems  Inc.’s  recent  moves  to 
bolster  the  analytics  capabilities  in  its 
software  have  paid  off  in  at  least  one 
new  customer  win.  Sierra  Health  Ser¬ 
vices  Inc.  said  last  month  that  it  has 
picked  Siebel  to  underpin  a  $5  million 
CRM  overhaul,  and  its  CIO  cited  the 
vendor’s  analytics  offerings  as  a  major 
factor  in  the  deal. 

The  Las  Vegas-based  health  care 
company  uses  a  6-year-old  CRM  sys¬ 
tem  built  around  software  from  Onyx 
Software  Corp.  to  track  interactions 
with  its  580,000  customers.  Because 
the  hardware  and  operating  system 
software  supporting  the  system  are  ap¬ 
proaching  retirement  age,  Sierra  Health 
decided  to  start  over  from  scratch. 

“It  was  highly  customized,  and  that 
creates  roadblocks  to  be  able  to  up¬ 
grade  cost-effectively,”  said  CIO  Bob 
Schaich.  “We  knew  we  essentially  had 
to  have  a  complete  replacement.” 

Sierra  Health  initially  considered  a 
number  of  vendors  before  narrowing 


its  list  to  Siebel  and  Bellevue,  Wash.- 
based  Onyx.  After  several  months  of 
due  diligence,  Sierra  Health  opted  for 
Siebel.  “[The  analytics  software]  was  a 
real  value-add  for  us,”  Schaich  said. 
“Onyx  has  some  similar  products,  but 
we  felt  the  Siebel  analytics  would  be  a 
better  fit  for  our  environment.” 

An  Onyx  spokesman  didn’t  return  a 
call  seeking  comment. 

Fast-Growing  Product  Line 

Analytics  has  become  one  of  Siebel’s 
fastest  growing  product  lines,  with 
software  license  revenue  rising  44% 
last  year,  to  $111.6  million,  and  account¬ 
ing  for  more  than  22%  of  the  compa¬ 
ny’s  total  annual  license  revenue,  ac¬ 
cording  to  Siebel’s  annual  report. 

In  June,  CEO  George  Shaheen  cited 
analytics  as  one  of  four  key  growth  ar¬ 
eas  for  San  Mateo,  Calif. -based  Siebel. 

IDC  analyst  Robert  Blumstein  said 
Siebel  has  done  a  solid  job  of  growing 
its  analytics  business.  “That  has  been 
the  bright  spot  in  their  revenue  picture 


over  the  last  several  years,”  he  said. 

Sierra  Health  is  planning  a  phased 
rollout  of  the  new  system.  The  first 
product,  individual  insurance,  is  sched¬ 


uled  to  go  live  by  the  end  of  the  year. 
The  CRM  overhaul  includes  software, 
hardware,  services  and  third-party 
applications,  Schaich  said.  O  56288 


Cowley  is  a  reporter  for  the  IDG 
News  Service. 


wered 


20  C9MPUTERW0RLD  August  22, 2005 


OPINION 


www.computerworld.com 


DON  TENNANT 


Axing  the  Axis 


LAST  APRIL,  during  a  four-day  official  visit 
to  India,  Chinese  Premier  Wen  Jiabao  sent 
shivers  through  many  IT  pros  in  the  West. 
He  proclaimed  that  a  combination  of  Indi¬ 
an  software  skills  and  Chinese  hardware 
expertise  will  propel  the  two  countries  to  a  leader¬ 
ship  position  in  global  IT. 


“When  that  particular 
day  comes,”  Wen  trum¬ 
peted,  “it  will  signify  the 
coming  of  the  Asian  cen¬ 
tury  of  the  IT  industry.” 

It  was  a  disturbing  vi¬ 
sion  for  many  people  who 
had  already  been  fretting 
over  the  loss  of  jobs  to 
those  countries.  The 
thought  of  an  Asian  IT 
axis  that  would  present 
an  even  more  formidable 
threat  didn’t  sit  well  at  all. 

I  could  have  told  them  then  that 
they  had  nothing  to  worry  about, 
but  I  would  have  been  deluged  with 
more  irate  mail  from  readers  scoffing 
at  my  rose-colored  glasses.  And  our 
IT  guys  were  already  mad  at  me  for 
hogging  space  on  the  e-mail  server. 

But  I  bring  it  up  now  because 
there  was  a  good  example  last  week 
of  why  all  the  hand-wringing  was  un¬ 
necessary,  and  it’s  worth  recounting. 

Just  four  months  after  Wen’s  visit 
to  India,  during  which  he  toured  the 
massive  Bangalore  R&D  operations 
of  China’s  Huawei  Technologies 
(think  of  Huawei  as  China’s  Cisco 
Systems),  the  Indian  government 
made  it  clear  that  it  has  no  intention 
of  getting  too  chummy.  The  Times 
of  India  reported  last  week  that 
Huawei,  which  has  more  than  900 
engineers  in  Bangalore  and  has  an¬ 
nounced  plans  to  invest  $100  million 
in  its  Indian  operations,  is  being  kept 
at  a  safe  distance  from  India’s  core 
telecommunications  infrastructure 
for  security  reasons. 

According  to  the  article,  several  In¬ 
dian  government  agencies,  including 
the  RAW  (the  Research  and  Analysis 
Wing,  India’s  CIA)  have  concluded 
that  Huawei  poses  a  specific  threat. 


don  tennant  is  editor  in 
chief  of  Computerworld. 
You  can  contact  him  at 

don_tennant@ 
cemputerwoiid.com. 


The  RAW  stated  that 
Huawei  “has  been  re¬ 
sponsible  for  sweeping 
and  debugging  opera¬ 
tions  in  the  Chinese  em¬ 
bassy.  In  view  of  China’s 
focus  on  cyber  warfare, 
there  is  a  risk  of  exposing 
our  strategic  telecom 
network  to  the  Chinese.” 

Moreover,  India’s 
Ministry  of  External 
Affairs  cited  concerns 
over  Huawei’s  “links 
with  the  Chinese  military  and  intelli¬ 
gence  establishment,  their  clandes¬ 
tine  operations  in  Iraq  and  Taliban- 
ruled  Afghanistan,  and  their  close 
ties  with  the  Pakistan  army.” 

None  of  that  means  Huawei 
shouldn’t  be  engaged  by  India  and 
the  rest  of  the  international  commu¬ 
nity.  History  has  demonstrated  that 
engagement  yields  a  lot  more  posi¬ 
tive  change  than  the  alternative  does. 
There’s  no  question,  for  example, 


that  Huawei’s  2-year-old  joint  ven¬ 
ture  with  3Com  helped  the  Chinese 
firm  recognize  the  essential  nature 
of  honoring  other  companies’  intel¬ 
lectual  property.  An  isolated  Huawei 
would  have  been  far  less  likely  to 
end  its  violation  of  Cisco’s  intellectu¬ 
al  property  rights,  as  it  did  last  year. 

But  last  week’s  development  does 
demonstrate  why  Wen’s  vision  of  a 
two-country  IT  powerhouse  is  un¬ 
tenable.  Name  any  two  or  three 
countries,  and  try  to  imagine  them 
forming  a  successful  union  if  their 
purpose  is  to  lead  or  dominate. 

There  will  always  be  political  and 
economic  reasons  why  it  will  never 
happen.  The  union  will  succeed 
only  if  it  obviates  domination  by 
becoming  global. 

There  will  be  no  Asian  century  of 
the  IT  industry,  just  as  there  will  be 
no  African  or  European  or  North 
American  or  South  American  centu¬ 
ry  of  the  IT  industry.  The  day  we  can 
all  look  forward  to  is  the  one  when 
the  IT  industry,  along  with  every 
other  economic  and  professional 
sector,  is  truly  global. 

The  axis-of-power  idea  has  been 
tried.  Thankfully  for  all  of  us,  it 
didn’t  work.  O  56292 


OJR  N&W  RESEARCH  EffORT 
TO  PetECT  ANP  ANALTZ& 
MALICW  WEP  9ITE^  WILL 
Aulpw  05  To  IpeWY 
Anyone  who  HARM 

To  OUR  SreYEMS. 


sofiAR  We've 
narrower  it 

POWH  TO  THE 
RLANET  EARTH. 


BRUCE  A.  STEWART 

Why  People 
Don’t  Use 
Information 

OES  IT  SEEM  that  the 
more  information  you 
provide,  the  less  it  gets 

used?  Why  is  it  that  informa¬ 
tion  technology  is  so  good  at  the  tech¬ 
nology  part  and  can’t  seem  to  get  the 
information  part  going? 

Part  of  the  problem  is  that  we  con¬ 
fuse  what  our  systems  need  in  order 
to  work  efficiently  with  what  any  of 
us  need  in  order  to  answer  a  ques¬ 
tion.  (There’s  a  reason  Google  has  an 
$80  billion  market  cap  while  you’re 
considered  a  cost  center.) 

Yes,  our  systems  need  structured 
data  to  work  well.  So  when  we  load  up 
a  data  warehouse  for  all  those  ques¬ 
tions  (that  we  don’t  receive),  what 
should  we  do  differently? 

Think  of  the  ware¬ 
house  as  a  knowl¬ 
edge  manifold.  This 
is  a  structured  infor¬ 
mation  architecture 
supporting  strategies 
for  focusing  on  items 
or  ignoring  them. 

Like  in  the  Google 
model,  this  is  one 
vast  pool  of  informa¬ 
tion  that  seems  to 
shift  its  shape  de¬ 
pending  on  what’s 
asked  of  it. 

Unlike  Google’s, 
our  manifold  can 
certify  its  contents 
—  nothing  is  in  it 
that  can’t  be  traced 
back  to  a  trusted  source.  In  other 
words,  it  can  contain  information  that 
interprets  other  information. 

To  help  users  deal  with  their  ques¬ 
tions,  the  manifold  is  composed  from 
three  different  roles,  some  of  which 
might  be  in  IT  and  some  in  other  areas, 
such  as  finance  or  plant  scheduling. 

■  The  cartographer  adds  information 
that  puts  other  information  in  context. 
One  example  might  be  a  historical  ex¬ 
change-rate  table  that  lets  users  inter¬ 
pret  older  financial  results  from  differ¬ 
ent  divisions.  Cartographers  also  create 
“big  picture”  maps.  (All  these  items 
make  up  what  you  need  to  know  to  un¬ 
derstand  the  flow  through  this  plant.) 

■  The  librarian  fills  the  maps,  identi- 


BRUCE  A.  STEWART  is  a 
former  CEO  and  one¬ 
time  senior  vice  presi¬ 
dent  and  director  of 
executive  services  at 
Meta  Group  Inc.  He  is 
now  an  executive  advis¬ 
er  in  Vancouver,  British 
Columbia.  He  can 
be  contacted  at 
bruce@bastewart.com. 


www.computerworld.com 


OPINION 


COMPUTERWORLD  August  22, 2065 


'5 


| 

I 


| 

i 


fying  what  is  certified  (comes  from  in¬ 
ternal  sources),  what  is  uncertified  (is 
added  from  outside  sources)  and  what 
is  missing. 

■  The  composer  creates  new  inter¬ 
pretations,  typically  as  a  result  of  do¬ 
ing  more  work  to  augment  the  infor¬ 
mation. 

There  are  also  four  roles  that  are  ful¬ 
filled  to  support  questioning.  Again, 
these  are  scattered  throughout  the  or¬ 
ganization,  not  just  in  IT: 

■  A  coach  helps  users  by  encourag¬ 
ing  them  to  ask  questions.  Typically, 
this  is  a  role  carried  out  by  managers 
—  but  managers  in  turn  need  to  learn 
how  to  use  those  requests  to  develop 
their  staff. 

■  Knowledge  preachers  need  to  pro¬ 
vide  live  answers  on  demand  when 
the  warehouse  isn’t  enough.  (These  are 
the  “experts”  who  can  be  called  upon 
when  needed.) 

■  A  plumber  keeps  preachers  from 
being  inundated  with  requests  from 
people  who  are  unwilling  to  use  the 
tools  provided.  (This  is  a  great  growth 
role  for  a  help  desk  person.) 

■  Finally,  managers  and  significant 
peers  act  as  mentors  to  help  motivate 
more  questioning. 

Let’s  be  clear:  These  are  not  usually 
jobs,  but  rather  ways  of  looking  at 
issues.  One  person  may  fulfill  all  of 
these  roles  in  the  course  of  his  work¬ 
week.  A  person  can  be  a  preacher  in 
his  area  of  competence  and  need  a 
preacher  when  he’s  outside  his  normal 
work  competence. 

Some  of  you  by  now  might  be  say¬ 
ing,  “This  is  knowledge  management 
or  learning  theory;  how  does  it  apply 
to  data  warehouses  and  getting  people 
to  make  more  use  of  them?”  If  we’re  to 
fulfill  our  information  destiny  and  not 
just  our  technology  destiny,  we’re  go¬ 
ing  to  have  to  start  thinking  about  the 
questioner,  not  just  the  tools  to  gener¬ 
ate  an  answer.  Get  this  right,  and  justi¬ 
fying  the  next  warehouse  investment 
will  be  a  snap.  ©  56218 

MICHAEL  H.  HUGOS 

Re-evaluating 

Accountants 

WHEN  I  WAS  ASKED 
to  speak  at  the  an¬ 
nual  convention 
of  a  well-known  professional 
association  of  management  accoun¬ 
tants,  I  accepted  with  some  trepida¬ 
tion.  I  don’t  hold  being  an  accountant 


against  anyone,  but  with  the 
advent  of  ERP  systems,  it 
seems  that  we  IT  folks  have 
been  on  the  receiving  end  of 
a  lot  of  accountant-caused 
grief. 

In  many  cases,  I  felt,  it 
was  accountants  who  decid¬ 
ed  to  buy  those  infernal  ERP 
systems,  and  IT  got  stuck 
with  the  thankless  task  of  in¬ 
stalling  them.  Accountants 
insisted  on  making  endless 
software  modifications,  and 
we  got  blamed  for  the  cost 
overruns.  Once  the  systems 
were  installed,  the  accoun¬ 
tants  used  those  systems  to 
spin  the  numbers  and  park 
obscure  charges  on  our  IT 
budgets.  While  we  were 
busy  struggling  with  balky 
computer  systems,  they  were  busy 
devising  devilish  new  cost-allocation 
schemes. 

I  resolved  to  keep  these  dark 
thoughts  about  the  accounting  profes¬ 
sion  to  myself  and  at  least  try  to  give 
dialogue  and  diplomacy  a  chance.  My 
presentation  was  surprisingly  well  re¬ 
ceived,  and  members  of  the  audience 
asked  interesting  and  thoughtful  ques¬ 
tions.  That  evening,  my  hosts  arranged 
a  dinner.  Along  with  some  fine  sea¬ 
food,  they  served  several  bottles  of  ex¬ 


cellent  wine.  I  hadn’t  real¬ 
ized  that  people  of  the  ac¬ 
counting  persuasion  had 
such  good  taste.  I  began  to 
relax  ever  so  slightly.  Peo¬ 
ple  began  to  speak  a  bit 
more  frankly. 

Imagine  my  surprise 
when  I  heard  that  accoun¬ 
tants  are  feeling  equally 
threatened  by  IT  people. 
How  could  this  be?  Well,  it 
turns  out  that  with  the  ad¬ 
vent  of  ERP  systems,  many 
of  the  time-honored  activi¬ 
ties  of  the  accounting  pro¬ 
fession  have  been  automat¬ 
ed.  Gone  are  the  days  when 
accountants  could  spend 
the  better  part  of  a  month 
doing  a  month-end  close. 
Gone  are  the  days  when 
only  accountants  could  see  the  num¬ 
bers  and  everyone  else  had  to  go  hat  in 
hand  to  the  accounting  department  to 
get  a  profit-and-loss  statement. 

Many  accountants  are  having  a  real 
crisis  of  confidence.  “If  people  can  get 
their  own  financial  reports  without  ac¬ 
countants,  what  do  they  need  us  for?” 
they  asked.  “IT  people  and  their  infer¬ 
nal  ERP  systems  are  putting  us  out  of 
business.” 

This  was  astounding.  “What  do  you 
mean  ‘IT  people  and  our  infernal  ERP 


systems’?”  I  asked.  “I  thought  it  was 
you  guys  who  had  us  put  them  in.” 

“No,”  they  told  me,  “it  wasn’t  us.” 
That  night,  I  heard  stories  about 
smooth-talking  consultants  in  league 
with  glad-handing  software  vendors 
calling  on  gullible  executives.  I  heard 
stories  of  orders  issued  from  plush 
corner  offices  and  corporate  check¬ 
books  opened  to  legions  of  strangers. 

I  began  to  feel  embarrassed.  I 
thought  about  some  of  the  ungenerous 
and  downright  unkind  things  I  have 
said  about  accountants  in  moments  of 
stress  and  fear.  We  began  to  have  a 
meeting  of  the  minds.  We  agreed  that 
these  infernal  ERP  systems  are  threat¬ 
ening  all  of  us.  These  systems  make  it 
easy  for  companies  to  outsource  IT  op¬ 
erations,  and  they  make  it  way  too  easy 
for  nonaccountants  to  see  the  numbers. 

As  we  shook  hands  at  the  end  of 
the  evening,  I  realized  that  heretical 
thoughts  were  causing  me  to  question 
some  dearly  held  beliefs.  Is  it  time  to 
bury  the  hatchet  and  look  at  accoun¬ 
tants  as  fellow  travelers  on  this  jour¬ 
ney  of  discovery  at  the  dawn  of  a  new 
century?  Do  we  need  to  help  each  oth¬ 
er  redefine  our  professions?  ©  56208 


WANT  OUR  OPINION? 

OMore  columnists  and  links  to  archives  of  previous 
columns  are  on  our  Web  site: 

www.computerworld.com/columns 


AMD  Has  a  Right  to  Battle  Intel  in  Court 


WE’LL  ALL  HAVE  TO  WAIT  for 

the  truth  of  the  allegations  in¬ 
volving  Intel  and  AMD  to  come  out 
in  the  courts.  In  the  meantime,  it’s 
interesting  fodder  for  the  technolo¬ 
gy  press,  including  Don  Tennant, 
to  speculate  and  pontificate  about 
[“AMD:  All  My  Disgust,"  QuickLink 
55310],  Perhaps  it’s  my  turn. 

I’m  appalled  that  Tennant  claims 
that  “the  only  way  Intel  can  be  suc¬ 
cessful  in  its  alleged  attempts  to 
bully  vendors”  is  for  computer  buy¬ 
ers  to  perceive  that  AMD  has  inferi¬ 
or  products  and  that  this  has  hap¬ 
pened  because  AMD’s  marketing  is 
incompetent.  In  so  doing,  he  sug¬ 
gests  that  competent  marketing 
can  triumph  over  (for  now  alleged) 
egregious  and  illegal  marketplace 
manipulation  every  time. 

This  is  like  saying  the  good  guys 
always  win,  even  or  especially 
when  they  have  their  hands  tied 
behind  their  backs. 

The  marketplace  is  a  battlefield 


every  day  for  every  business.  Many 
times,  that  battle,  of  necessity, 
moves  to  the  courts. 

My  sense  is  that  AMD  finally  has 
achieved  a  critical  mass  of  credibili¬ 
ty  in  the  market  and  that  its  slowly 
increasing  market  share  in  the  busi¬ 
ness  arena  gives  it  the  courage  and 
resources  to  adequately  pursue 
what  it  believes  is  an  appropriate 
remedy  at  law.  Perchance  the  tim¬ 
ing  is  also  driven  by  what  AMD  be¬ 
lieves  will  finally  be  a  preponder¬ 
ance  of  evidence  that  will  support 
its  claims. 

Consider  the  likelihood  that  the 
mass  market  is  controlled  more  by 
mass  builders  than  consuming 
masses  clamoring  for  the  cheapest 
or  the  best  technology.  As  such, 
AMD’s  credibility  and  current  mar¬ 
ket  share  have  been  driven  by  the 
few  rather  than  the  many. 

Educating  the  public  is  difficult, 
because  people  rarely  believe  that 
they  need  educating  until  some¬ 


thing  in  their  lives  cave  in.  (Don’t  get 
me  started  on  health  care.)  For  most 
people,  what  CPU  controls  their 
computer  doesn’t  fall  into  that  cate¬ 
gory.  The  consuming  public  will 
drink  what’s  offered. 

Glenn  Dunham 
Conway,  Ark. 

Don’t  Knock 
‘Lone  Wolves’ 

THE  ARTICLE  “Reinforcing 
Reuse”  [QuickLink  54382]  had 
me  up  until  the  last  point,  “Show 
‘lone  wolves'  the  door.”  It  has  been 
my  experience  that  a  good  portion 
of  code  that  actually  gets  reused 
(and/or  used  as  a  template  for  other 
solutions)  was  developed  in  a  skunk 
works  kind  of  environment. 

In  all  but  the  largest  organiza¬ 
tions,  often  this  is  a  skunk  works  of 
one,  with  reusability/modifiability 
being  the  conscious  design  decision 
of  the  code  architect. 

If  you  need  a  real-world  example 
to  visualize  what  I  am  trying  to  artic¬ 


ulate,  consider  that  many  of  the 
(very  highly  reused)  utilities  in  Unix 
were  the  vision  and  product  of  a 
single  individual. 

By  all  means,  hook  people  into 
a  network  of  shared  ideas  for  re¬ 
usability,  but  don't  penalize  or  de¬ 
monize  the  minority  who  often  are 
the  architects  and  implementors  of 
the  most  reusable  code. 

Dan  Goodman 

Systems  engineer  specialist, 

Philadelphia 

COMPUTERWORLD  welcomes 
comments  from  its  readers.  Letters 
will  be  edited  for  brevity  and  clarity. 
They  should  be  addressed  to 
Jamie  Eckle,  letters  editor,  Com- 
puterworld,  PO  Box  9171, 1  Speen 
Street,  Framingham,  Mass.  01701. 
Fax:(508)879-4843.  E-mail: 
letters@computerworld.com. 
Include  an  address  and  phone 
number  for  immediate  verification. 

OFor  more  letters  on  these  and 
other  topics,  go  to 

www.cornputerworld.com/letteis 


MICHAEL  H.  HUGOS  is  CIO 

at  Network  Services 
Co.,  a  distribution 
cooperative  in  Mount 
Prospect,  III.,  that  sells 
food-service  and  janito¬ 
rial  supplies.  He  is  the 
author  of  Building  the 
Real-  Time  Enterprise: 
An  Executive  Briefing 
(John  Wiley  &  Sons 
Inc.,  2004).  He  can 
be  reached  at 
mhugos@nsconline.com. 


ThinkPad  recommends  Microsoft®  Windows®  XP  Professional. 


■ 


8k 


..ij 


,, 


mm. 


, 


'm 


RECOVERS  YOUR  WORK  IN  MINUTES. 

RESTORES  YOUR  SANITY  IN  AN  INSTANT. 


Availability  All  offer .  subject  to  availability.  Lenovo  reserves  the  right  to  alter  product  offerings  and  specifications  at  any  time,  without  notice.  Lenovo  is  not  responsible  for  photographic  or  typographic  errors.  Pricing:  Prices  do  not  include  tax  or  shipping  or  recycling  fees  and  are  subject  to  change  without  notice. 
Roller  prices  may  van  Warranty:  For  a  copy  of  applicable  product  warranties,  write  to:  Warranty  Information,  P.0.  Box  12195,  RIP,  NC  27709,  Attn:  Dept  UF2A/B203.  Lenovo  makes  no  representation  or  warranty  regarding  third  party  products  or  services.  Footnotes:  (1)  Mobile  Processors:  Power  management  reduces 
process,,,  ■  -end  when  in  battery  mode.  (2)  Wireless:  based  on  IEEE  802.11a,  802.11b  and  802.11g  respectively.  An  adapter  with  Ua/b,  llb/g  or  lla/b/g  can  communicate  on  either/any  of  these  listed  formats  respectively;  the  actual  connection  will  be  based  on  the  access  point  to  which  it  connects.  (3)  Included 
software-  may  differ  from  its  retail  version  (if  available),  and  may  not  include  user  manuals  or  all  program  functionality.  License  agreements  may  apply.  (4)  Memory:  For  PCs  without  a  separate  video  card,  memory  supports  both  system  and  video.  Accessible  system  memory  is  up  to  64MB  less  than i  the -amount 
sir, i- 1  -- raiding  on  video  mode  (5)  Hard  drive:  GB  =  billion  bytes.  Accessible  capacity  is  less;  up  to  4GB  is  service  partition.  (7)  Thinness:  may  vary  at  certain  points  on  the  system.  (8)  Travel  Weight:  includes  battery  and  optional  travel  bezel  instead  of  standard  optical  drive  in  Ultrabay  bay,  if  applicable;  weight 
may  vary  dim  ‘o  vendor  components  manufacturing  process  and  options.  (9)  Internet  access  required;  not  included.  (10)  Embedded  Security  Subsystem;  requires  software  download.  (11)  Limited  warranty;  Support  unrelated  to  a  warranty  issue  may  be  subject  to  additional  charges.  (12)  Systems  with  limited  onsite 


MOBILE 

TECHNOLOGY 


RESCUE  AND  RECOVERY.  ONLY  ON  A  THINKPAD. 

Maybe  you’ve  had  a  virus  attack.  Or  a  software  installation 
failure.  Or  your  operating  system’s  been  corrupted.  Just  press 
the  blue  button  on  any  ThinkPad®  notebook  and  a  range  of  tools 
comes  to  the  rescue.  It’s  called  Rescue  and  Recovery™ 
Standard  on  all  new  ThinkPad  notebooks;  it  can  get  you  up  and 
running  even  when  your  operating  system's  down.  So  work  with 
a  feeling  of  confidence.  Instead  of  that  sinking  feeling. 

ThinkPad  R50e 

DISTINCTIVE  INNOVATIONS 

Rescue  and  Recovery  -  one  button 
recovery  and  restore  solution 

ThinkPad  X40 

Thinnest  and  lightest  ThinkPad  ultraportable  ever. 

DISTINCTIVE  INNOVATIONS 

Embedded  Security  Subsystem  2.0  - 
Strong  security  as  a  standard  feature 

SYSTEM  FEATURES 

Intel®  Centrino™  Mobile  Technology 

Intel*  Pentium®  M  Processor  725  (1,60GHz)1 
Intel®  PRO/Wireless  2200BG  (802.1  lb/g)2 

SYSTEM  FEATURES 

Intel®  Centrino™  Mobile  Technology 

Intel®  Pentium®  M  Processor  ULV  733  (1.10GHz) 
Intel*  PRO/Wireless  2200BG  (802.11b/g) 

Microsoft®  Windows®  XP  Professional3 

Microsoft®  Windows®  XP  Professional 

15"  XGA  TFT  Display  (1024x768) 

256MB  DDR  SDRAM4,  40GB  Hard  Drive5 

256MB  DDR  SDRAM,  30GB  Hard  Drive 
Only  .94"  thin7  and  2.7-lb  travel  weight8 

$999  (P/N  1842QDU) 

$1499  (P/N  2386BHU) 

ThinkPad  Premiere  Leather 

Carrying  Case 

$99  (P/N  10K0209) 

ThinkPad  Women’s  Executive 

Red  Leather  Tote 

$130  (P/N  22P8858) 

With  the  Think  Express  Program,  ThinkPad  notebooks  are  preconfigured  with  your  business,  and  your  budget,  in  mind. 

To  shop  or  locate  your 


local  reseller 


Gall  1  866-426-0009 

Go  to  thinkpad.com/shop/m583 


ThinkPad  is  a  product  of  Lenovo. 


service:  are  designed  to  be  repaired  during  the  applicable  warranty  period  primarily  with  customer-replaceable  parts.  A  technician  will  only  be  sent  onsite  to  perform  a  repair  if  (a)  remote  telephone  diagnosis  and/or  customer  part  replacement  are  unable  to  resolve  the  problem,  or  (b)  the  part  is  one  of  the  few 
designated  by  Lenovo  for  onsite  replacement.  For  a  list  of  onsite  replaceable  parts,  contact  Lenovo.  Support  unrelated  to  a  warranty  issue  may  be  subject  to  additional  charges.  Trademarks:  The  following  are  trademarks  of  Lenovo:  ThinkPad,  ThinkCentre  and  UltraConnect.  IBM  and  IBM  logo  are  registered 
trademarks  of  IBM  and  are  used  under  license.  Microsoft  and  Windows  are  registered  trademarks  of  Microsoft  Corporation.  Intel,  Intel  Inside,  Intel  Inside  logo,  Intel  Centrino,  Intel  Centrino  logo,  Celeron,  Intel  Xeon,  Intel  SpeedStep,  Itanium,  Pentium,  and  Pentium  III  Xeon  are  trademarks  or  registered  trademarks 
of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks  of  other  companies.  ©2005  Lenovo.  All  rights  reserved 
Visit  www.lenovo.com/safecomputing  periodically  lor  the  latest  information  on  safe  and  effective  computing. 


Got  Questions  About 
Enterprise  Analytics? 

Computerworld’s  IT  Management  Summit  Has  the  Answers 


Looking  to  better  understand  enterprise 
analytics?  Apply  to  attend  Computerworld’s 
complimentary*  half-day  IT  Management 
Summit:  Beyond  Business  Intelligence. 

Enterprise  analytics  enable  companies  to 
make  timely  fact-based  decisions  using 
critical  information  from  across  the  entire 
organization.  By  fully  leveraging  data, 
technology,  skills  and  processes,  successful 
users  of  enterprise  analytics  go  beyond 
simply  understanding  the  past,  to  predicting 
outcomes  that  improve  overall  corporate 
performance. 

This  summit  will  feature  the  latest  insights 
of  business  intelligence  industry  experts  and 
will  give  you  first-hand  information  on  the 
innovations  and  experiences  of  companies 
successfully  deploying  enterprise  analytics. 


Beyond  Business  Intelligence: 

Using  Enterprise  Analytics  to  Drive 
Fact-Based  Decisions 

San  Francisco,  California  •  September  20,  2005 

Pan  Pacific  San  Francisco  Hotel  •  500  Post  Street,  Union  Square 


8:00am  to  8:30am 
8:30am  to  8:40am 


8:40am  to  9:10am 


9:10am  to  10:00am 


Registration  and  Networking  Breakfast 

Introduction  and  Overview 

Julia  King,  Executive  Editor,  Events,  and  National  Correspondent, 
Computerworld 

Trends  in  Enterprise  Analytics: 

An  Industry  Analyst’s  Overview 

Keith  Gile,  Principal  Analyst,  Forrester  Research 

Transforming  Enterprise  Data  Into 
Actionable  Business  Intelligence 

Keith  Collins,  SVP  and  Chief  Technology  Officer,  SAS 
Michael  Tillema,  Business  Intelligence  Strategist,  Intel 


1 0:00am  to  1 0: 1 5am  Refreshment  and  Networking  Break 

1 0: 1 5am  to  1 0:45am  Case  Study:  APEX  Management  Group 

Jody  Porrazzo,  Ph.D.,  Director  of  Econometric  Risk  Strategy, 
APEX  Management  Group 


Selected 

speakers  include: 


Jody  Porrazzo,  Ph.D. 
Director  of  Econometric  Risk 
Strategy,  Niis/APEX  Group 
Holdings 


Keith  Gile 
Principal  Analyst, 
Forrester  Research 


Keith  Collins 

SVP  and  Chief  Technology 

Officer,  SAS 


*  Complimentary  registration  is  restricted  to 
qualified  IT  managers  only. 


10:45am  to  1 1:15am 


Apply  for  registration  today 

Contact  Chris  Leger  at  888-299-0155 
or  visit:  www.itmanagementsummit.com 


Noon 


Case  Study:  McKesson 

Stephen  Zander,  Vice  President,  Enterprise  Business  Intelligence 
Service,  McKesson 

Panel  Discussion  -  From  Gut  Feel  to  Fact-Based 
Decisions:  Real-Life  Business,  Political  and 
Technology  Lessons  Learned  on  the  Front  Lines  of 
Enterprise  Analytics 

Moderator:  Julia  King,  Executive  Editor,  Events,  and  National 

Correspondent,  Computerworld 

Panelists: 

•Jody  Porrazzo,  Ph.D.,  Director  of  Econometric  Risk  Strategy, 
APEX  Management  Group 

•  Stephen  Zander,  Vice  President,  Enterprise  Business 
Intelligence  Service,  McKesson 

•  Keith  Gile,  Principal  Analyst,  Forrester  Research 

•  Keith  Collins,  SVP  and  Chief  Technology  Officer,  SAS 

•  Michael  Tillema,  Business  Intelligence  Strategist,  Intel 

Luncheon  (optional) 


Michael  Tillema 

Business  Intelligence  Strategist, 

Intel 


Julia  King 

Executive  Editor,  Events,  and 
National  Correspondent 
Computerworld 


Exclusively  sponsored  by 


>sas.  intJ. 

The  Power  to  Know, 

SAS  and  all  other  SAS  Institute  Inc,  product  or  service  names  are  registered  trademarks 
or  trademarks  of  SAS  Institute  Inc.  in  the  USA  and  other  countries.  ®  indicates  USA 
registration.  Other  brand  and  product  names  are  trademarks  of  their  respective  compa¬ 
nies,  Intel  and  the  Intel  logo  are  trademarks  or  registered  trademarks  of  Intel 
Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries. 


COMPUTERWORLD 

IT  MANAGEMENT  SUMMIT 


SERIES 


2nd  Annual 


DMTF 


ENTERPRISE 

MANAGEMENT 

WORLD 

SOLUTIONS  FOR  THE 
DATA  CENTER 


COMPUTERWORLD 


Co-Owned  and  Endorsed  by 


IDMTF  ft] 


Co-Owned  and  Produced  by 


COMPUTERWORLD 


Distributed  Management 
Solutions  for  Today’s 
IT  Data  Center  and  Infrastructure 


Featured  Speakers  Include: 
O  JERRY  BARTLETT 

Vice  President,  Application  Development 
Ameritrade 


Opening  Visionary  Presentation: 

Dynamic  IT/Dynamic  Enterprise 

What  the  Next  Generation  IT  Looks  Like  and 
How  Customers  Are  Attacking  the  Migration 


BOB  CARROLL 

Chief  Information  Officer 

Apollo  Group  (The  University  of  Phoenix) 


FRANK  GENS 

Senior  Vice  President,  Research 
IDC 


MICHAEL  CRISAFULLI 

Vice  President,  Core  Services 
AOL  Systems  Operations 

CINDY  S.  HUGHES 

Chief  Information  Officer  and  Director  of  IT 
Maryland  Automobile  Insurance  Fund 

JIM  HULL 

Vice  President,  Engineering  Services 
Mastercard  International 

ROB  MCCORMICK 

Js  '  Chairman  &  CEO 

ML  sawis 

JAIME  SGUERRA 

Second  Vice  President  &  Chief  Architect 
Guardian  Life 


The  Leading  Executive 
Conference  for: 

•  Enterprise  IT  Management 

•  Data  Center  Management 

•  Network  Server  and  Storage 
Management 

•  Network  and  Communications 
Management 

•  Infrastructure  and  Data  Architects 

•  Systems  Integration  Specialists 

•  Enterprise  Security  Management 

To  register  or  for  more  information, 
visit  www.emwusa.com/cw 


Sponsors  expected  at  Enterprise  Management  World  2005  include:  As  of  8/15/05 


PLATINUM  SPONSOR 

GOLD  SPONSORS 

SILVER  SPONSORS 

MEDIA  &  ASSOCIATION  SPONSORS 

A 

CiicoSriinj! 

DOLL 

IV 

Avocent. 

ctcna 

aWOTHWOHI)  Exm?so1?: 

BROADCOM. 

intel 

m 

necpath 

•  IDC  Trainer' 

everything’ 

cyclades 

EMC2 

where  information  lives 

fURaritan 

a  sawis 

HITACHI 

Inspire  the  Next 

Symantec. 

~y  SYMBIUM 

<CrO 

“BEST  PRACTICES"  AWARDS 
PROGRAM  SPONSORED  BY: 

NaoScaie 

SNIA^-^ 

♦>WysDM 

ATeamQuest 

®WBEM 

SOLUTIONS 

EMC 

where  information  lives 

For  sponsorship  opportunities,  call  Leo  Leger  at  508-820-8212 


“The  mission  of  the  DMTF  is  weli 
served  by  a  conference  dedicated 
to  information  and  infrastructure 
management  solutions.  Enterprise 
Management  World  continues 
to  address  the  challenges  in 
expanding  and  managing  data 
centers  and  communication 
networks.  We  invite  our  member 
companies,  Alliance  Partners  and 
the  industry  at  large  to  contribute 
to  the  advancement  of  this  critical 
mission  by  participating." 

Jim  Turner 
Cisco 

Chairman,  DMTF 


2nd  Annual 

dmtfS] 


ENTERPRISE 

MANAGEMENT 

WORLD 

SOLUTIONS  FOR  THE 
DATA  CENTER 


COMPUTERWORLD 


Distributed  Management  Solutions  for 
Today’s  IT  Data  Center  and  Infrastructure 

•  Gain  insight  to  manage  large,  distributed  data  center  IT  infrastructure 

•  Identify  and  select  the  latest  in  data  center  and  enterprise 
management  technologies 

•  Hear  the  latest  in  server  management,  utility  computing,  and  security 

•  Learn  from  best  practices,  case  studies,  and  tutorials 

Why  You  Should  Attend 

Are  you  responsible  for  managing  your  company's  data  center  assets?  Want  to  exchange  innovative  ideas 
and  strategies  with  other  executives  who  share  the  same  objectives?  Then  attend  Enterprise  Management 
World,  where  you’ll  network  with  and  learn  from  renowned  experts  and  the  nation’s  top  user  executives. 


Featuring... 

DMTF  Tutorial  Track 

Attendees  will  learn  about  existing  and  emerging  new  management  standards  and  how  they  will  impact  their 
business,  including:  SMASH  and  the  new  Command  Line  Protocol;  Common  Information  Model  Schema  for  Policy, 
Networking  and  Core  elements;  Web  Services  Management;  SMI-S  and  the  next  major  version  of  CIM  -  3.0. 

Virtual  Data  Center  Tour 

Learn  the  secrets  of  successful  data  center  management  during  EMW’s  “Virtual  Tour”  of  one  of  the  country's 
top  data  centers.  Award-winning  technology  experts  will  be  at  EMW,  providing  you  with  a  sneak  peek  into  the 
complex  global  IT  operations  at  a  critical  site  for  this  multi-billion  dollar  company,  which  is  consistently  ranked 
as  one  of  the  most  innovative  users  of  information  technology.  Attendees  will  learn  about  how  the  industry's 
leading  distributed  management  standards  and  technologies  can  help  improve  their  global  operations, 
increase  ROI,  and  give  them  the  business  intelligence  needed  to  stay  competitive  in  today’s  marketplace. 

Technology  Demos 

See  today's  latest  distributed  management  solutions  in  action  at  EMW’s  interactive  technology  demonstrations. 
Offering  a  showcase  of  the  industry's  leading  standards  and  technologies,  which  address  the  complexity  of  distributed 
management,  the  EMW  demos  will  provide  real  insights  into  how  you  can  innovate  in  your  IT  data  center  and 
infrastructure.  Come  experience  live  demonstrations  that  may  include  technologies  based  on  CIM,  SMASH, 
WBEM,  SMI-S  and  management  of  Web  Services,  while  meeting  with  industry  experts  who  can  help  you  better 
understand  how  these  standards  and  technologies  will  help  you  to  manage  your  data  center  more  effectively. 


Conference  At-a-Glance  (subject  to  change) 

i  ittrii  in»ru-rrryTWMWT-rn»i»ii»iii«i»iiii»TiTrirri-ri — n — r  . a— ■w—waww 

For  details,  updates,  and  to  register  visit  www.emwusa.com/cw 


MONDAY,  SEPTEMBER  12 _ Registration  Open  8:00am  -  8:00pm 


1 0:00am  -  1 1 :00am 
1 1 :00am  -  Noon 


Best  Practices  in  the  Acquisition  Process:  The  Managed  Acquisition  Process 

David  Whitinger,  Director  of  Consulting,  International  Computer  Negotiations,  Inc. 

The  Future  of  IT:  How  Significant  Technology  Tremors  Will  Create  Strategic 
Market  Opportunity 

Frank  Baitman,  Director,  Institute  of  the  Future 


Noon  -  1 :00pm 
1 :00pm  -  5:30pm 

7:00pm  -  9:00pm 


“Birds  of  a  Feather”  Lunch 

Concurrent  Tracks;  Voice  of  the  User,  DMTF  Technical  Tutorial  and  Deployable 
Solutions  Tracks 
Welcome  Reception 


TUESDAY,  SEPTEMBER  13 _ Registration  Open  7:00am  -  7:00pm 

7:00am  -  8:00am  Breakfast 


8:00am  -  8:1  5am 
8:1 5am  -  9:00am 


Opening  Remarks 


Dynamic  IT/Dynamic  Enterprise:  What  the  Next  Generation  IT  Looks  Like 
and  How  Customers  are  Attacking  the  Migration 

Frank  Gens,  Senior  Vice  President,  Research,  IDC 


continued 


I 


For  more  information  and  to  register,  visit  www.emwusa.com/cw  or  call  1-800-883-9090 


TUESDAY,  SEPTEMBER  13  (continued) 


9:00am  -  9:30am 

9:30am  -10:00am 

10:00am  -  10:15am 
1 0:1 5am  -  1 0:45am 

10:45am  -  1 1 :1 5am 

1 1 :1 5am  -  Noon 


Noon  -  1 :30pm 
1 :30pm  -  2:00pm 

2:00pm  -  2:30pm 
2:30pm  -  3:00pm 

3:00pm  -  3:30pm 
3:30pm  -  3:45pm 
3:35pm  -  5:30pm 

5:35pm  -  8:30pm 


Industry  Leader  Presentation:  Distributed  Infrastructure  Management, 
Intelligence  and  Standards  Propel  Higher  Levels  of  Efficiencies 

Chris  Gahagan,  Senior  Vice  President,  Storage  Management  Software,  EMC 

End-User  Case  Study 

Michael  Crisafulli,  Vice  President,  Core  Services,  AOL  Systems  Operations 


Break 


m 


The  Data  Center  Decision  -  Build,  Buy,  or  Co-locate? 

Bob  Carroll,  CIO,  University  of  Phoenix/ Apollo  Group,  Inc. 

The  Data  Center  Utility:  The  Next  Generation  of  Computing 

Rob  McCormick,  Chairman  and  CEO,  SAVVIS 

f)  End-User  Panel  Discussion:  Reducing  IT  Complexity 

Moderated  by  Julia  King,  National  Correspondent  and  Executive  Editor,  Events,  Computerworld 
Panelists:  Cindy  Hughes,  CIO  and  IT  Director,  Maryland  Automobile  Insurance  Fund; 

John  Bryer,  Vice  President,  Information  Technology,  GMH  Communities  Trust;  Jaime  Sguerra, 
Second  Vice  President  Chief  Architect  &  Senior  Business  Systems  Officer,  Corporate  Marketing, 
Guardian  Life;  Josh  Freeman,  Director  of  IT,  The  New  York  Botanical  Garden 

Networking  Luncheon 

Ameritrade’s  Story:  Running  Your  Data  Center  More  Efficiently 

Jerry  Bartlett,  Vice  President,  Application  Development,  Ameritrade 

Industry  Leader  Presentation 
f  Enterprise  Management  -  A  Global  Approach 

Jim  Hull,  Vce  President,  Engineering  Services,  Mastercard  International 

Industry  Leader  Presentation 

Break 

Concurrent  Tracks;  Voice  of  the  User,  DMTF  Technical  Tutorial 

and  Deployable  Solutions  Tracks 

Expo  and  Technology  Showcase  with  Dinner 


WEDNESDAY,  SEPTEMBER  14  Registration  Open  7:00am  -  7:00pm 


7:00am  -  8:00am 
8:00am  -  8:1  5am 
8:1 5am  -  9:00am 

9:00am  -  9:30am 
9:30am  -  10:00am 


10:00am  -  10:15am 
10:15am  -  10:45am 
10:45am  -  1  1 :1 5am 

1 1 :1 5am  -  Noon 
Noon  -  1 :30pm 
1 :30pm  -  3:1 5pm 
3:1 5pm  -  3:30pm 
3:30pm  -  5:20pm 

5:30pm  -  6:30pm 
7:00pm  -  9:00pm 
5:35pm  -  8:30pm 


Breakfast 

Opening  Remarks 

Opening  Address:  Web  Services  Oriented  Architecture  -  Delivering  on  the 
Organization’s  Mission  at  NASA 

Nitm  Naik,  Associate  Chief  Technology  Officer,  NASA  (National  Aeronautics  and  Space  Administration) 

Industry  Leader  Presentation 

An  Enterprise  Architecture  for  Competitive  Advantage 

Jaime  Sguerra,  Second  Vice  President,  Chief  Architect  &  Senior  Business  Systems  Officer, 
Corporate  Marketing,  Guardian  Life 

Break 

Industry  Leader  Presentation 

Efficiency  in  Operations:  A  Maryland  Automobile  Insurance  Fund  Case  Study 

Cindy  Hughes,  CIO  and  IT  Director,  Maryland  Automobile  Insurance  Fund 

Data  Center  Tour 

Expo  &  Technology  Showcase  with  Lunch 

IDC  Analyst  Briefing  and  DMTF  Technical  Tutorial  Track 

Break 

Concurrent  Tracks;  Voice  of  the  User,  DMTF  Technical  Tutorial  and  Deployable 

Solutions  Tracks 

Expo  and  Technology  Showcase 

Gala  Evening  with  “Best  Practices”  Awards  Ceremony,  Dinner  and  Entertainment 
Expo  and  Technology  Showcase  with  Dinner 


Bethesda  North  Marriott 
Hotel  &  Conference  Center 

North  Bethesda,  Maryland 


Hotel  Reservations  and  Travel  Services 


Global  Odysseys  is  the  official  travel  company  for  Enterprise  Management  World.  They 
are  your  one-stop  shop  for  exclusive  discounted  rates  on  hotel  accommodations. 

To  reserve  your  accommodations,  visit:  www.etcentral.com  oiobai odymeya 
You  can  also  call  our  conference  housing  line  at:  1-888-254-1597 


DMTF  £| 


To  learn  more  about  the  Distributed  Management  Task  Force, 
visit  www.dmtf.org 


“Enterprise  management  is  a 
business  area  where  it  is  chal¬ 
lenging  to  stimulate  collaborative 
interactivity.  There  just  are  not  a 
lot  of  opportunities  to  meet  with 
colleagues  from  other  firms  and 
share  experiences.  EMW  provides 
the  forum  where  you  can  find 
new  innovations  and  practical 
experiences  from  other  technical 
managers  who  have  accomplished 
real  world  changes  and  can  help 
you  translate  their  experiences 
into  your  reality." 

Irving  Tyler 
Quaker  Chemical 
Vice  President  &CIO 


“EMW  is  a  great  gathering  of 
high-caliber  IT  talent.  When  you 
attend  these  conferences,  you're 
guaranteed  plenty  of  detailed, 
useful  information,  but  without 
the  hype,  which  helps  technology 
professionals  stay  ahead  of 
important  industry  trends. 

Worth  every  minute." 

Ronald  V.  Rose 

Priceline.com 

CIO 


“EMW  is  important  because  it’s 
one  of  the  few  places  where 
people  are  actively  discussing 
the  critical  issues  of  data  center 
management:  environment, 
security  and  connectivity.  EMW  is 
a  great  forum  for  CIOs  to  pick 
their  heads  up  from  their  day  to 
day  operations  and  become  aware 
that  they  are  not  alone  in  their 
concerns  and  issues,  which  are  in 
fact  shared  across  all  industries 
and  verticals.” 

H.  Jameson  Holcombe 

Globix 

CTO 


September  12-14,  2005  •  Bethesda  North  Marriott  Hotel  &  Conference  Center  •  North  Bethesda,  Maryland 


2nd  Annual 


DMTF  ft] 


ENTERPRISE 

MANAGEMENT 


WORLD 

SOLUTIONS  FOR  THE 
DATA  CENTER 

COMPUTERWORLD 

September  12-14,  2005 

Bethesda  North  Marriott 
Hotel  &  Conference  Center 
North  Bethesda,  Maryland 


Application  for  Conference  Registration 

Fax  this  completed  application  to  1  -508-820-8254  or  apply  online  at:  www.emwusa.com/cw 


Your  business  card  is 
REQUIRED 

to  process  your  application 

Please  affix  your  business  card  to  this  space  prior  to 
submitting  your  application.  Applications  submitted 
without  business  cards  will  not  be  processed. 

Questions?  Call  1-800-883*9090 

>■■■■•■  '  .  •  ■  :  : 


If  not  indicated  on  your  business  card,  please 
provide  the  following  required  information: 


Corporate  Email  Address 


Corporate  Website 

Registration  questions? 

Call  1  -800-883-9090  or  email 
emwreg@computerworld.com 

Need  accommodations? 

Reserve  them  at:  www.etcentral.com 
Or  call  1-888-254-1597 
or  email:  eventhousing@globalodysseys.com 


Please  check  ONE  of  the  following: 


□ 


$995  General  Conference  Package 

(includes  General  Conference  Sessions,  Expo,  Meals  &  Receptions) 


I  am  an  IT  End-User* 

(Complete  Attendee  Profile  below) 

■  IT  End-Users  are  defined  as  those  who  are  attending  Enterprise  Management  World  with  an  intent  (and  an  IT  spending  budget)  to  potentially  buy/lease  hardware/software/services,  etc  from 
our  conference  sponsors  and  are  not  themselves  an  IT  vendor.  As  such,  account  representatives,  business  development  personnel,  analysts,  consultants  and  anyone  else  attending  who  does  nc 
have  IT  purchasing  influence  within  their  organization  are  excluded  from  the  “IT  End-User"  designation.  Interpretation  and  enforcement  of  this  policy  are  at  the  sole  discretion  of  Computerworld, 

Attendee  Profile:  This  section  MUST  be  completed  by  IT  End-Users  and  Channel  Partners/Integrators/Consultants  only  (optional  for  all  other  registrations)  in  order  to  process  your  application. 


Your  Business/Industry 

□  Aerospace 

□  Manufacturing  &  Process  Industries  (non-computer  related) 

□  Finance/Banking/Accounting 

□  Insurance/Real  Estate/Legal  Services 

□  Government:  Federal  (including  Military) 

□  Government:  State  or  Local 

□  Health/Medical/Dental  Services 

□  Retailer/Wholesaler/Distributor  (non-computer  related) 

□  Transportation/Utilities 

□  Communication  Carriers 

(ISP,  Telecom,  Data  Comm,  TV/Cable) 

□  Construction/Architecture/Engineering 

□  Data  Processing  Services 

□  Education 

□  Agriculture/Forestry/Fisheries 

□  Mining/Oil/Gas 

□  Travel/Hospitalrty/Recreation/Entertamment 

□  Publishing/Broadcast/ Advertising/ 

Public  Relations/Marketing 

□  Research/Development  Lab 

□  Business  Services/Consultant  (non-computer  related) 

□  Manufacturing  of  Computers,  Communications, 

Peripheral  Equipment  or  Software 


Your  Job  Title/Function: 

IT  MANAGEMENT 

□  CIO,  CTO,  CSO 

□  Executive  VP,  Senior  VP 

□  Vice  President 

□  Director 

□  Manager/Other  IT  Manager 

□  Supervisor 

BUSINESS  MANAGEMENT 

□  CEO,  COO,  Chairman,  President 

□  CFO,  Controller,  Treasurer 

□  Executive  VP,  Senior  VP.  VP,  General  Manager 

□  Director,  Manager 

□  Other  Corporate/Business  Manager 

Number  of  employees  in  your  entire  organization 
(ALL  locations) 

□  20,000  or  more 

□  10,000  -  19,999 

□  5,000  -  9,999 

□  1,000-4,999 

□  500  -  999 

□  100-499 

□  50  -  99 

□  Less  than  50 


What  is  your  organization’s  annual  IT/1S  budget 
for  all  IT/IS  products? 

□  $1  Billion  or  more 

□  $500  Million  -  $999,9  Million 

□  $100  Million  -  $499.9  Million 

□  $50  Million  -  $99.9  Million 

□  $10  Million  -  $49.9  Million 

□  $1  Million  -  $9,9  Million 

□  $500,000  -  $999,999 

□  $250,000  -  $499,999 

□  $100,000 -$249,999 

□  Less  than  $  1 00,000 

What  is  the  estimated  annual  revenue  of 
your  entire  organization? 

□  Over  $10  Billion 

□  $1  Billion  -  $9.9  Billion 

□  $500  Million  -  $999  Million 

□  $100  Million  -  $499  Million 

□  Less  than  $100  Million 


The  one  item  that  best  describes  your  involvement  in 
the  IT  purchase  process 

□  Authorize/approve  purchase 

□  Evaluate/recommend  products,  brands,  vendors 

□  Specify  features/technical  requirements 

□  Set  budget  for  expenditures 

□  Determine  need  to  purchase 

□  Create  IT  strategy 

□  All  of  the  above 

Do  you  need  hotel  accommodations? 

□  Yes  (please  visit  www.etcentral.com  to  reserve) 

□  No 

Would  you  like  to  receive  a  complimentary 
subscription  to  Computerworld? 

□  Yes 

□  No 

Signature  (required): 


□  My  company  is  Sponsoring/  I  $995  General  Conference  Package 

Exhibiting  at  EMW  (includes  General  Conference  Sessions,  Expo,  Meals  &  Receptions) 

As  a  sponsor,  you  may  be  eligible  to  attend  using  a  registration  provided  with  your  sponsorship.  (If  those  registrations  have  already  been  assigned/used,  then  you  may  register  at 
the  prevailing  rates  above.)  See  the  current  list  of  sponsors  at  www.emwusa.com.  Questions?  Call  1-800-883-9090  or  email  emwreg@computerworld.com. 


Q  I  am  a  representative  of  a  Non-Sponsoring  IT  Vendor  Company 

□  $1,990  Technical  Professional  Package*  □  $5,000  Business  Development  Professional  Package 

excludes  Sales,  Marketing  and  Business  Development  Professionals  for  Sales,  Marketing  and  Business  Development  Professionals 

(includes  General  Conference  Sessions,  Expo,  Meals  &  Receptions)  (includes  General  Conference  Sessions,  Expo,  Meals  &  Receptions) 

‘up  to  2  registrants  per  company 

Vendors  are  encouraged  to  participate  in  Enterprise  Management  World  through  sponsorship.  (Details  are  available  by  calling  Leo  Leger  at  508-820-821 2.)  Alternatively,  vendors 
(as  well  as  other  “non-IT  end-user"  professionals  as  defined  by  Computerworld),  may  apply  for  registration  at  the  “non-sponsoring  vendor  rate  of  $5,000.  Determination  ot  what 
constitutes  a  “non-sponsoring  vendor"  registration  is  made  exclusively  by  Computerworld.  Please  call  888-239-4505  with  questions. 


□  I  am  a  Financial/Equity  Analyst 
and/or  Venture  Capital  Professional 
$995  General  Conference  Package 

(includes  General  Conference  Sessions,  Expo,  Meals  &  Receptions) 


Q  I  am  a  qualified  member  of  the  press.  I  can  verify  my  press  credentials. 

Press  should  call  Colin  Longval  at  508-820-8665, 

Please  fax  this  completed  application 
to  1-508-820-8254 


Payment  Method _ 

□  Check  (checks  must  be  received  by  August  29,  2005  payable  to:  Computerworld) 
Mail  to:  Computerworld,  Attn:  Mike  Barbato,  One  Speen  Street,  Framingham,  MA  01701 

□  American  Express  □  VISA  □  MasterCard 

Account  Number: _ _ _ _ 

Expiration  Date: _ 

Card  Holder  Name: _ _ _ 

Signature  of  Card  Holder: _ _ _ _ _ _ 

Cancellation  Policy  (All  of  the  following  require  written  notification  by  August  29,  2005.) 

In  the  event  of  cancellation,  the  registrant  has  three  options: 

1)  He  or  she  may  substitute  another  attendee  for  this  conference. 

2)  He  or  she  may  transfer  this  registration  to  the  Enterprise  Management  World  2006  conference. 

3)  The  registration  fee  will  be  refunded,  less  a  $250  service  charge  (if  written  notice  is  received  by  August  29, 2005). 
Please  send  cancellation  requests  via  email  to:  emwreg@computerworld.com 


SECURITY  MANAGER’S  JOURNAL 

Intellectual  Property 
Is  Focus  at  New  Job 

Mathias  Thurman’s  new  challenge: 
keeping  technical  manuals,  engineering 
documents  and  source  code  out  of  the 
hands  of  departing  employees.  Page  32 


OPINION 

Awaiting  the  PC  Killers 

Virus  writers  could  do  serious  damage  to 
computers  by  attacking  the  microcode  em¬ 
bedded  in  hard  disk  drives,  CPUs  and  other 
components.  But  two  obstacles  stand  in 
their  way,  writes  Robert  L.  Mitchell.  Page  33 


FUTURE  WATCH 

Power  Play 

Researchers  are  investigating  new  ways 
to  reduce  CPU  heat  loads  and  energy  de¬ 
mands  without  compromising  processor 
power  for  computers  like  Los  Alamos 
National  Laboratory’s  ASC  Q  Page  30 


When  TV  Guide  subscribers 
want  to  notify  the  maga¬ 
zine  about  a  change  of  ad¬ 
dress,  they  simply  call 
customer  service.  But  the  friendly 
voice  on  the  other  end  of  the  line 
isn’t  a  human  call  center  representa¬ 
tive.  It’s  a  virtual  agent  —  a  speech- 
enabled  application  that  can  under¬ 
stand  and  respond  to  requests  from 
the  customer. 

If  TV  Guide’s  40  million  customers 
have  any  qualms  about  speaking  with 
a  machine,  they  aren’t  complaining. 
One  reason  may  be  that  using  the 
system  is  easier  and  faster  than  talk¬ 
ing  to  a  live  representative,  says 
Steve  Martin,  executive  director  of 


fulfillment  operations  at  the  New 
York-based  publication.  The  system, 
purchased  from  Tuvox  Inc.  in  Cuper¬ 
tino,  Calif.,  halved  average  call  times, 
from  four  minutes  to  two.  That  im¬ 
proved  customer  service  while  also 
reducing  telecommunications  and 
staffing  costs,  Martin  says. 

Long  considered  overly  expensive 
and  complicated,  speech-enabled 
applications  are  finally  beginning  to 
deliver  bottom-line  benefits,  says 
Daniel  Hong,  an  analyst  at  Data- 
monitor  PLC  in  New  York.  Today,  the 
systems  can  eliminate  the  old,  stilted 
voice  recordings  used  in  interactive 
voice  response  (IVR)  systems  and 
add  a  more  friendly  voice-user  inter- 


Companies  are  using  speech-enabled 
applications  to  cut  average  call  times, 
decrease  staff  requirements  and  enable 
new  features.  By  Robert  L.  Mitchell 


26 


COMPUTERWGRLD  August  22, 2005 


TECHNOLOGY 


www.computerworld.com 


* 


O 


$510 

million 


IT  spending  on 

speech  technology 
in  2004* 

*  Excluding  hosted 


face  (VUI)  that  understands  natural,  conversation¬ 
al  language.  The  VUI  accepts  verbal  input  rather 
than  requiring  the  caller  to  enter  information  from 
a  touch-tone  keypad. 

State-of-the-art  speech-enabled  systems  can  cut 
through  complex  and  confusing  touch-tone  menu 
hierarchies  used  in  traditional  dual-tone  multi¬ 
frequency  (DTMF)  systems  by  allowing  users  to 
say  exactly  what  they  want  and  then  jump  directly 
to  that  function.  Speech-enabled  systems  are 
faster  than  touch-tone  IVR  systems  for 
more  advanced  transactions  and  are 
more  efficient  at  tasks  like  accept¬ 
ing  alphanumeric  serial  numbers. 

Competition  in  the  speech- 
enabled  applications  market 
has  increased,  and  prices  have 
dropped  by  30%  over  the  past 
five  years,  according  to  Data- 
monitor.  The  emergence  of  open  ' 
platforms  built  around  standards 
such  as  VoiceXML  and  Speech  Ap¬ 
plication  Language  Tags  (SALT)  has 
fostered  the  competition,  spurring  new  'rs°^yo77o 
entrants  such  as  Microsoft  Corp.’s  Speech 
Server,  which  debuted  last  year. 

The  proprietary  IVR  system  hardware  and  soft¬ 
ware  in  common  use  today  are  gradually  being  re¬ 
placed  with  industry-standard  servers  with  plug-in 
telephony  cards.  Vendors  of  speech-enabled  IVR  ap¬ 
plications  typically  work  with  multiple  speech  en¬ 
gines,  which  provide  basic  speech-recognition,  au¬ 
thentication  and  text-to-speech  technology.  Most  of¬ 
fer  prebuilt  components  that  can  be  assembled  into 
custom  and  packaged  vertical-market  applications. 

The  trend  toward  the  use  of  prebuilt  modules  and 
reusable  components  has  made  the  construction  of 
speech-enabled  applications  easier.  “Right  now, 
we’re  on  the  brink  of  going  from  the  early  adopter  to 
the  pragmatist  phase,”  says  Hong.  Although  only 
about  7%  to  10%  of  currently  installed  IVR  systems 
will  be  speech-enabled  this  year,  one  in  three  new 
systems  ship  with  the  capability,  and  50%  will  by 
2009,  according  to  Hong. 

The  real  potential  of  speech  technology  lies  in  new 
applications  rather  than  in  the  replacement  of  func¬ 
tions  handled  by  touch-tone  systems,  says  Steve 
Coplan,  an  analyst  at  The  451  Group  in  New  York. 

Building  on  its  initial  success,  TV  Guide  is  adding 
caller  self-service  features.  “We’ve  expanded  it  to  do 
surveys  and  to  handle  our  in-house  employee  direc¬ 
tory,”  Martin  says.  And  the  system  will  soon  handle 
online  subscription  payments  as  well. 

Gtech  Holdings  Corp.  in  West  Greenwich,  R.I.,  has 
begun  using  the  technology  to  automate  field-service 
calls  for  retail  machines  it  maintains  for  government 
lotteries.  “It’s  cumbersome  to  collect  [alphanumeric] 
serial  number  information  via  a  DTMF  application” 
that  takes  3  million  calls  annually,  says  Mike  Sax,  di¬ 
rector  of  global  technology  services.  A  voice-enabled 
system  changed  that.  “We  saw  a  15%  increase  in  ac¬ 
ceptance  almost  out  of  the  gate,”  Sax  says,  adding 
that  he  expects  the  system  to  pay  for  itself  in  18 
months. 

Despite  the  advantages,  speech-enabled  applica¬ 
tions  still  require  specialists  to  perfect  the  VUI,  cus¬ 
tomize  “grammars”  that  the  speech  engine  recog¬ 
nizes  and  tune  the  systems  to  improve  accuracy. 


I 

I 


“They’re  cheaper  to  implement  relative  to  where 
the  technology  was  but  still  require  a  lot  of  tuning 
and  manual  overhead  to  get  the  applications  up 
and  running,”  says  Coplan. 

Users  shouldn’t  expect  the  systems  to  be  perfect 
right  away,  adds  Martin.  “When  we  first  started,  we 
were  getting  about  40%  success  rate,”  he  says.  With 
tuning,  that  rate  has  climbed  to  more  than  70%,  and 
Martin  expects  the  system  to  top  out  above  80%, 
which  he  says  is  acceptable.  Dialogues  are 
carefully  constructed  so  when  the  system 
fails  to  interpret  a  request,  the  caller 
may  transfer  to  a  live  operator  or 
use  touch-tone  keys  to  complete  a 
transaction.  Failures  are  tracked 
by  the  system,  which  is  periodi¬ 
cally  tuned  to  improve  accuracy. 

That  process  can’t  be  rushed, 
says  Casey  Lewis,  a  software  de- 
£  velopment  manager  at  DST  Sys- 
terns  Inc.  in  Kansas  City,  Mo.  DST 
V £  provides  customer  service  out- 
^  sourcing  for  mutual  fund  companies 
and  their  more  than  90  million  share- 


r 


j  s  c 

holders.  The  company  uses  a  natural-language 
system  from  Edify  Corp.  in  Santa  Clara,  Calif.,  that 
allows  callers  to  perform  activities  such  as  checking 
their  balances  and  redeeming  shares. 

While  DST’s  staff  handled  much  of  the  program¬ 
ming  and  construction  of  the  system,  a  lot  of  the 
nine-month  deployment  effort  was  spent  on  multiple 
iterations  of  tuning  —  an  area  where  the  staff  had  lit¬ 
tle  experience.  “Don’t  hesitate  to  rely  on  vendors 
who  can  provide  expertise,”  Lewis  advises. 

Finding  Your  Voice 

Just  as  tuning  is  important,  developing  a  user-friend¬ 
ly  VUI  is  also  critical.  At  American  Savings  Bank 
(ASB)  in  Honolulu,  success  meant  tuning  the  system 
to  understand  local  dialects  as  well  as  creating  a 
friendly  virtual  agent  that  would  become  part  of  the 
bank’s  brand  image.  The  institution,  which  takes 
more  than  300,000  calls  per  month,  already  had  a 
touch-tone  IVR  system.  “Our  local  competition 
doesn’t  have  speech,  so  it  was  an  opportunity  to  be 
first,”  says  Renee  Lum,  assistant  vice  president  and 
manager  of  the  bank’s  customer  service  center. 

Lum  brought  in  Dallas-based  InterVoice  Inc.  to 
help  develop  its  virtual  agent  and  tune  the  system. 
“The  personality  for  the  voice  was  very  important. 
We  got  down  to  her  age,  her  hobbies  and  how  many 
kids  she  had,”  says  Lum.  ASB  then  hired  professional 
talent  to  record  the  voice  and  worked  with  Inter- 
Voice  to  develop  the  dialogues.  “There  were  a  lot  of 
tuning  cycles,”  Lum  says.  The  system  needed  to  rec¬ 
ognize  local  words  such  as  aloha ,  as  well  as  local 
pronunciations  for  words  like  four,  which  sounds 
more  like  “foa.”  Testing  with  real  users  helped  to  re¬ 
fine  the  pace  and  pitch  of  interactions.  The  feedback 
also  helped  ASB  refine  dialogues  by  replacing  con¬ 
fusing  words  like  debit  with  the  more  straightfor¬ 
ward  withdrawal,  for  example. 

“We  did  the  tuning  and  testing,  and  it  was  one  of 
the  biggest  success  factors,”  Lum  says.  The  system 
runs  in  parallel  with  the  existing  touch-tone  system. 
Unfortunately,  94%  of  callers  still  press  9  to  go  to  the 
touch-tone  system  as  soon  as  they  call  in,  bypassing 
the  voice  interface.  Those  customers  have  memo¬ 


rized  the  touch-tone  options  and  in  some  cases  may 
not  even  realize  that  a  new  option  exists,  Lum  says. 
“We  haven’t  been  able  to  market  it  yet  as  we’d  like 
to,”  she  says. 

For  its  part,  DST  addressed  that  challenge  through 
careful  scripting  of  the  initial  call  dialogues,  accord¬ 
ing  to  Lewis.  By  making  some  adjustments,  DST  was 
able  to  retain  80%  of  callers  within  the  speech-en¬ 
abled  system.  “The  way  you  build  that  [script]  has  a 
lot  of  impact  on  what  your  speech-recognition  reten¬ 
tion  rate  will  be.  We  discourage  scripting  that  lets 
people  press  [the  star  key]  and  go  right  to  the  touch- 
tone  system,”  Lewis  says. 

Although  the  technology  has  improved,  the  under¬ 
lying  complexity  of  speech  application  development 
remains  a  challenge,  says  Coplan.  “There’s  no  real 
abstraction  layer  to  separate  out  the  complexities  of 
the  speech-recognition  engine,”  he  says,  and  that 
makes  the  development  process  more  complicated 
than  it  should  be.  Ultimately,  the  key  to  success  may 
be  the  continued  development  of  middleware  from 
vendors  such  as  Microsoft  and  IBM.  But  so  far,  the 
vendors  have  had  little  success.  Coplan  says. 

Datamonitor’s  Hong  agrees  that  the  technology  is 
still  evolving  but  says  that  the  development  of  pre¬ 
built  modules  means  that  users  can  build  a  speech- 
enabled  application  without  doing  the  kind  of  low- 
level  programming  that  used  to  bog  down  such  proj¬ 
ects.  A  speech-enabled  IVR  can  pay  for  itself  in  12  to 


VOICE-ENABLED  APPS 

PROS 

■  Easier  for  callers.  Support  for  natural  language  allows  cus¬ 
tomers  to  say  what  they  want  instead  of  navigating  through  a 
hierarchy  of  touch-tone  menu  options. 

■  Improved  standards.  The  evolution  of  standards  such  as 
VoiceXML  and  SALT  have  increased  competition  and  helped 
push  down  prices. 

■  Easier  to  build.  Prebuilt,  reusable  components  facilitate 
application  development  and  deployment. 

CONS 

■  Some  assembly  required.  While  packaged  applications  for  a 
few  vertical  markets  are  available,  most  deployments  require 
custom  development  as  well. 

■  Deployments  take  time.  It  can  take  a  year  or  more  to  devel¬ 
op  and  fine-tune  a  sophisticated  voice-enabled  application. 

■  You’ll  need  help.  Professional  services  can  add  up  to  more 
than  half  of  the  project  cost,  analysts  say. 

24  months  through  cost  savings  alone  and  may  also 
offer  a  competitive  advantage,  Hong  says.  “It  im¬ 
proves  customer  service  while  reducing  costs  for 
the  company,”  he  says.  “You  should  be  looking  at 
speech  right  now,  doing  pilots  in  a  small  footprint.” 
©  56026 


MORE  ONLINE 


Speaking  in  Standards:  A  look  at  standards  that  are  paving  the  way 
for  open  product  architectures:  QuickLink  56035 

Gracious  Host:  Using  a  hosted  service  can  help  alleviate  the  upfront 
costs  of  developing  and  maintaining  voice-enabled  call  center  apps: 

©QuickLink  56033 

www.computerworld.com 


f’-V  fm.  $  :■ 

aMM&M 


ill 


q$a8|*v* 


r,i 


iS 


sSaSfe-i;; 


wM 


Mmm 

mi 


mm 
•  1 1 


28 


CGMPUTERWORLD  August  22, 2005 


TECHNOLOGY 


www.computerworld.com 


Bn  some  data  centers,  you 
can  still  find  water  pipes  under 
raised  floors  that  were  once  used 
to  cool  mainframes.  And  the  idea 
of  turning  that  water  on  again  to 
cool  off  hot  electronics  is  something 
that  chills  longtime  IT  professionals 
like  Chad  Gerbick,  manager  of  opera¬ 
tions  at  Kent  State  University  in  Ohio. 

“I  remember  the  water-cooled  main¬ 
frames,  and  it  was  just  such  a  hassle 
with  that  stuff  because  you  always  had 
to  worry  about  water  under  the  floor 
and  pipes  and  the  quality  of  the  water,” 
says  Gerbick.  “[Water  cooling]  is  an¬ 
other  point  of  failure  that  I  wouldn’t 
want  to  deal  with.” 

Gerbick’s  reaction  to  the  idea  of 
bringing  water  close  to  very  expensive 
electronics  is  widely  shared  among  IT 
managers.  But  as  server  performance 
and  density  rise,  water  cooling  may 
gradually  move  back  into  the  main¬ 
stream  of  data  center  technologies. 

Water  cooling  “is  very  definitely  a 
viable  technology  and  a  necessary 
technology,”  says  Bob  Sullivan,  a  con¬ 
sultant  at  The  Uptime  Institute  in  San¬ 
ta  Fe,  N.M.  “Heat  loads  are  going  up  so 
drastically  that  there  is  going  to  be  no 
other  way  to  cool  these  high  heat  den¬ 
sities  other  than  water  cooling.” 

Sullivan  is  hardly  alone  in  this  belief. 
Ken  Baker,  a  data  center  infrastructure 
technologist  at  Hewlett-Packard  Co., 
says  that  water  cooling  is  “inevitable.” 

“The  unrelenting  power  increase  . . . 
is  forcing  [users]  to  look  at  new  ways 
to  cool  the  hardware,”  says  Baker. 
“Real-estate  constraints  will  drive  this.” 

Recognizing  Limitations 

The  upper  limit  of  air  cooling  alone  in 
a  single  cabinet  is  about  10  kilowatts, 
says  Baker.  But  power  demands  will 
continue  to  rise.  For  instance,  Baker 
estimates  that  a  1U  (1.75  in.  high)  serv¬ 
er  that  draws  350  watts  today  will  in¬ 
crease  to  more  than  600  watts  over  the 
next  few  years.  At  today’s  levels,  lOkw 
would  equal  about  30  servers. 

Large  rack  systems  with  98  blades 
in  seven  chassis  can  consume  as  much 
as  24kw  of  power.  Data  center  man¬ 
agers  typically  fill  just  half  the  rack 
space  to  keep  temperatures  down,  but 
that  means  spreading  out  the  servers, 
which  uses  more  floor  space. 

“The  water  scares  the  heck  out  of 
folks,”  says  Thomas  Roberts,  director 
of  data  center  operations  at  Novi, 
Mich.-based  Trinity  Health,  which  op¬ 
erates  hospitals  and  outpatient  facili¬ 
ties.  His  data  center,  which  was  built 
two  and  a  half  years  ago,  has  100% 
more  cooling  than  it  needs.  “I  view 
[water  cooling  systems]  as  being 
needed  in  an  environment  where 


As  server  heat  loads  grow, 
vendors  are  reintroducing 
water  cooling  options  — 
and  stoking  old  fears. 
By  Patrick  Thibodeau 


you  have  no  scalability,”  he  says. 

That’s  what  vendors  believe  as  well. 
They  think  early  adopters  of  water 
cooling  systems  will  be  those  with  fa¬ 
cilities  in  urban  areas,  such  as  Globix 
Corp.’s  data  center  in  London’s  busi¬ 
ness  district. 

In  March,  Globix,  which  provides 
networking  and  infrastructure  services 
to  businesses,  installed  a  cooling  sys¬ 
tem  for  its  high-density  racks.  The 
InfraStruXure  High  Density  system 
from  American  Power  Conversion 
Corp.  (APC)  in  West  Kingston,  R.I., 
is  a  self-contained  data  center  with  air 
and  water  cooling  systems  for  Globix 


servers  that  consume  15kw  in  a  rack 
containing  some  80  blades. 

“We  found  we  did  not  want  to  be  an 
[Internet  service  provider]  that  kept 
throwing  space  at  the  problem,”  says 
Philip  Cheek,  U.K.  managing  director 
at  New  York-based  Globix. 

The  APC  system  uses  water  to  help 
cool  the  system  and  can  handle  up  to 
20kw,  says  Dave  Brooks,  facilities  man¬ 
ager  at  the  Globix  London  center.  He 
expects  to  reach  that  level  someday. 
The  water  connections  are  welded, 
and  the  system  poses  “no  more  risk 
than  a  standard  unit,”  he  says. 

Vendors  are  beginning  to  turn  out 


SOURCE:  AMERICAN  POWER  CONVERSION  CORP 


Top-Down  View  of  APC’s  Water-based  Cooling  System 


As  air  passes  through 
servers,  it  absorbs  heat. 

1.  Servers  exhaust  air 
at  high  temperatures. 


□s 


2.  Fans  pull  air  across 

coils,  cooling  it  in  the 
process. 


3.  Fans  distribute  the 
cooled  air  to  the  front 
of  the  servers. 


products  that  use  water,  but  approach¬ 
es  vary  widely.  Last  month,  IBM  re¬ 
leased  a  water-cooled  door  capable  of 
handling  15kw  of  heat  that  can  be  fitted 
on  its  enterprise  server  rack. 

APC  also  has  a  unit  that  can  handle 
about  18kw  of  heat  and  is  fully  en¬ 
closed  —  almost  like  a  refrigerator. 

The  APC  unit  can  be  operated  outside 
a  data  center. 

Not  all  liquid  cooling  systems  use 
water.  Liebert  Corp.  in  Columbus, 

Ohio,  is  using  a  refrigerant  in  some 
of  its  cooling  products. 

New  Designs 

One  sign  that  the  idea  of  water  cooling 
is  regaining  credence  is  that  newer  data 
centers  are  being  designed  to  poten¬ 
tially  handle  water.  Some  are  moving 
wiring  to  the  ceiling  and  walls  and  are 
limiting  or  eliminating  raised  floors. 

While  water  cooling  units  are  begin¬ 
ning  to  appear  on  trade  show  floors, 
Ron  Miglini,  president  of  the  Dallas/ 
Fort  Worth  chapter  of  AFCOM,  says 
the  issue  of  water  cooling  rarely  comes 
up  at  meetings  of  his  group,  an  associa¬ 
tion  for  data  center  professionals.  But 
Miglini,  who  is  also  president  of  Sealco 
Inc.,  a  company  in  Richardson,  Texas, 
that  cleans  data  centers  and  improves 
air  flows,  says  newer  data  centers  are 
being  built  with  utility  trenches  that 
can  isolate  water  supplies  from  electri¬ 
cal  wiring. 

Data  center  cooling  is  a  top  issue 
for  data  managers,  who  are  largely 
addressing  cooling  needs  by  carefully 
laying  out  data  centers.  But  as  server 
densities  increase  and  equipment  is 
added,  users  will  have  to  either  expand 
the  size  of  their  data  centers  for  new 
generations  of  servers  that  have  im¬ 
proved  price/performance  but  con¬ 
sume  more  power,  or  they’ll  have  to 
look  at  cooling  system  that  use  fluids. 

Gordon  Haff,  an  analyst  at  Illumina- 
ta  Inc.  in  Nashua,  N.H.,  says  IBM’s  re¬ 
cent  entry  into  the  water  cooling  sys¬ 
tems  market  will  add  a  lot  of  credibili¬ 
ty  to  the  idea  of  using  fluids  to  pull 
heat  out  of  the  data  center.  He  believes, 
however,  that  adoption  of  water-based 
systems  will  remain  small  and  in  the 
category  of  specialty  devices. 

Charles  King,  an  analyst  at  Pund-IT 
Research  in  Hayward,  Calif.,  says  com¬ 
panies  “tend  not  to  want  to  update 
their  data  centers  every  few  years.”  He 
views  water-cooled  systems,  such  as 
IBM’s,  as  stopgap  measures. 

IBM’s  new  rack-cooling  device  is  al¬ 
lowing  data  center  managers  to  “buy 
some  time  and  get  a  few  more  genera¬ 
tions  out  of  their  facilities  before  they 
think  about  having  to  rebuild  or  retro¬ 
fit,”  says  King.  O  56076 


.  ■  .. ' ;  1 
r:  •  ■  '  \  ■  ■■  ' 

3^' 


i #s? 

St-sfe 


MICROSOFT.COM/SE 

Microsoft 


CUR1TY/IT 


■ ■  .*■'-■  ..t 

■  ;  y/  . 


iSSjr* 


Find  the  tools  and  guidance  you  need  for  a  well-guarded  network 
atmicrosoft.com/security/IT  /! 


Microsoft  Windows  XP  Service  Pack  2:  Download  it  for 


against  security  threats. 

Free  Tools  &  Updates:  Download  free  software  like  Microsoft 
Baseline  Security  Analyzer  to  verify  that  your  systems  are 
configured  to  maximize  security.  Manage  software  updates 
easily  with  Windows  Server  Update  Services. 


practices  and  identify  areas  for  improvement. 

Internet  Security  and  Acceleration  Server  2004:  Do 

the  free  120-day  trial  version  to  evaluate  how  the  a.dv 
application-layer  firewall,  VPN,  and  Web  cache  soluti* 


39 


C0MPUTESWORLD  August  22, 2005 


'TECHNOLOGY 


POWER 


Coming  just  in  time:  pow 
processors.  By  Gary  H. 


iser 

nthes 


www.computerworld.com 


f 


Discussions  of 

computer  perfor¬ 
mance  are  typi¬ 
cally  dominated 
by  references  to 
measures  such  as  MIPS,  MHz 
and  MFLOPS. 

But  Wu-Chun  Feng,  a  com¬ 
puter  architect  at  Los  Alamos 
National  Laboratory  in  New 
Mexico,  expects  that  to  change 
during  this  decade.  He  says  it’s 
time  for  the  computer  commu¬ 
nity  to  adopt  alternate  metrics 
for  evaluating  performance. 
“It’s  about  more  than  speed; 
it’s  about  reliability,  availabili¬ 
ty  and  efficiency,”  he  says. 

It’s  more  than  an  esoteric 
semantic  point.  ASC  Q,  a 
giant  supercomputer  at  Los 
Alamos,  has  8,192  processors, 
and  although  each  one  is  ex¬ 
tremely  reliable  (as  well  as 
fast),  there  are  so  many  of 
them  that  the  machine  overall 
fails  about  114  times  a  month, 
or  once  per  eight-hour  shift. 

The  problem  is  heat,  Feng 
says,  and  it’s  not  just  an  issue 
in  supercomputers.  The  power 
consumed  and  the  heat  given 
off  per  unit  area  in  processor 
chips  increases  with  Moore’s 
Law,  doubling  every  18  to  24 
months.  Indeed,  the  power 
density  of  commodity  proces¬ 
sor  chips  used  in  PCs  today  is 
on  a  par  with  that  inside  a  nu¬ 
clear  reactor.  And  the  failure 
rate  of  a  processor  doubles 
with  every  increase  in  temper¬ 
ature  of  10  degrees  Celsius  (18 
degrees  Fahrenheit),  Feng  says. 

Running  Cooler 

But  researchers  are  inventing 
clever  ways  to  keep  reliability 
up  by  keeping  heat  and  power 
consumption  down. 

In  2002,  Los  Alamos  built  a 
240-node  computer  called 
Green  Destiny.  For  two  years, 
it  ran  without  a  single  failure 
in  a  dusty,  unventilated  ware¬ 
house  where  the  average  tem¬ 
perature  was  85  F.  The  magic: 
It  used  processors  from  Trans¬ 
meta  Corp.  that  consumed  just 
6  watts  each.  In  comparison, 
mainstream  microprocessors 
at  the  time  consumed  about 
100  watts. 

Green  Destiny’s  low-power, 
low-heat,  high-reliability  char¬ 
acteristics  came  from  its  ar¬ 
chitecture,  independent  of  the 


applications  running  on  it.  But 
now  Feng  and  his  colleagues 
are  developing  software  that 
can  alter  the  processor’s  pow¬ 
er  consumption  depending  on 
the  moment-to-moment  needs 
of  the  application. 

The  power  drawn  by  a  proc¬ 
essor  is  proportional  to  its  fre¬ 
quency  and  voltage.  Notebook 
computers  today  can 
scale  back  frequency 
and  voltage  after  some 
period  of  user  inactivi¬ 
ty  in  order  to  conserve 
battery  power.  But 
that’s  not  feasible  in  a  number¬ 
crunching  scientific  computer 
or  a  big  transaction-processing 
server.  “The  CPU  almost  al¬ 
ways  looks  busy  compared  to 
doing  a  Microsoft  Office  doc¬ 
ument,”  Feng  explains. 

So  the  lab  has  developed 
and  is  now  enhancing  “dy¬ 
namic  scaling”  software  that 


learns  the  characteristics  of 
the  application  as  it  runs.  It’s 
able  to  anticipate  when  the 
workload  will  shift  significant¬ 
ly  from  CPU-intensive  opera¬ 
tions  to  various  off-chip  func¬ 
tions  that  don’t  require  high 
CPU  clock  speed  and  voltage 
and  then  temporarily  scale 
them  back.  This  technique  has 
yielded  a  reduction  in 
power  consumption 
of  as  much  as  70%, 
but  performance  has 
degraded  only  1%  to 
5%  for  uniprocessor 
applications,  Feng  says. 

Power  savings  from  this 
technique  average  about  25%, 
he  says.  “If  you  save  25%  on 
power,  that’s  25%  more  proc¬ 
essors  I  can  add  to  my  system 
and  still  be  in  the  same  ther¬ 
mal  envelope.” 

Rather  than  do  this  scaling 
in  runtime  software,  the  same 


thing  might  be  accomplished 
by  having  programmers  in¬ 
strument  their  code  so  that 
power  reductions  are  called 
for  at  the  point  where  signifi- 
%eant  off-chip  functions  begin. 
But  that  puts  too  much  of  a 
burden  on  programmers,  who 
are  already  struggling  to  write 
code  for  parallel  operations, 
Feng  says.  Another  idea  is  to 
have  the  compiler  do  it,  but 
the  compiler  can’t  know  what 
data  the  program  will  en¬ 
counter,  and  much  of  the  need¬ 
ed  voltage  and  frequency  scal¬ 
ing  is  data-dependent,  he  adds. 

Feng  says  the  concept  could 
be  applied  to  transaction  proc¬ 
essing,  Web  services  or  data¬ 
base  servers,  in  which  there  is 
a  great  deal  of  I/O  that  doesn’t 
require  full  CPU  power.  He 
says  that  for  companies  that 
have  many  thousands  of 
processors,  such  as  Google 


Inc.,  the  driving  technical  ob¬ 
jective  isn’t  to  have  the  fastest 
processors  but  to  have  high  re¬ 
liability  in  a  small  footprint. 
“For  Google,  space  is  money, 
power  is  money,”  he  says. 

Los  Alamos  has  limited  its 
research  so  far  to  dynamic  scal¬ 
ing  of  processor  metrics,  but 
the  concepts  could  be  applied 
to  other  parts  of  systems,  Feng 
says,  even  to  mechanical  com¬ 
ponents.  “If  you  could  profile 
disks  so  that  you  know  when  to 
spin  things  up  and  down,  you 
could  save  quite  a  bit  of  ener¬ 
gy,”  he  says.  And  one  might  do 
voltage  and  frequency  scaling 
on  the  processors  embedded 
in  network  cards  and  video 
graphics  cards,  he  adds. 

More  Buttons 

Indeed,  researchers  are  begin¬ 
ning  to  apply  similar  monitor¬ 
ing  techniques  to  all  aspects  of 
power  and  to  all  parts  of  the 
chip,  says  Babak  Falsafi,  asso¬ 
ciate  professor  of  electrical 
and  computer  engineering  at 
Carnegie  Mellon  University  in 
Pittsburgh. 

“On  the  processor  chip,  and 
even  on  the  DRAM  memory, 
you  are  going  to  see  fine¬ 
grained  resource  scaling,  such 
as  voltage  and  frequency  scal¬ 
ing,”  Falsafi  predicts.  “It’s 
across  the  entire  chip  now,  but 
you’ll  have  tighter  control  over 
the  various  resources  so  you’ll 
be  able  to  do  scaling  within 
the  chip  itself,  which  will  give 
you  a  lot  more  buttons  to  push 
and  a  lot  more  flexibility.” 

For  example,  Falsafi  and  his 
students  developed  cache 
memory  architectures  that 
monitor  program  behavior  at 
runtime  and  “autoconfigure” 
to  adapt  to  the  required  cache 
size  and  organization.  Unused 
cache  sections  are  placed  in  a 
sleep  state  so  they  draw  no 
current.  Future  designs  will 
incorporate  such  resource 
scaling  across  all  chip  struc¬ 
tures  to  save  power,  he  says. 

Will  all  computers,  from 
notebooks  to  supercomputers, 
employ  these  techniques 
someday?  “They’ll  have  to,” 
Falsafi  says.  “Going  into  2015, 
we’ll  have  hundreds  of  billions 
of  transistors  on  a  chip.  We 
don’t  have  the  power  budget 
for  that.”  O  55890 


FUTURE 

mm 


I 

www.computerworld.com 


! 


TECHNOLOGY 


COMPUTERWORLO  August  22, 2005 


31 


Robotic  Camels  Are  Next 


This  camel  race  in  Qatar  features  robotic 
jockeys.  The  15-kilogram  high-tech  riders 
replace  the  small  boys  who  have  traditional¬ 
ly  sailed  the  ships  of  the  desert  toward  the 
finish  line  in  countries  throughout  the  Mid¬ 
dle  East.  New  laws  in  several  countries  pro¬ 
tect  the  boys,  some  as  young  as  four  years 
old,  from  essentially  being  conscripted  as 
camel  jockeys.  The  robot  riders  are  remote- 
controlled  but  are  programmed  to  automati¬ 
cally  shift  their  weight  and  apply  the  whip  in 
response  to  the  performance  of  their  camels. 


Spam  Delivers 
For  Snake-Oil, 
Stock  Scams 

■  E-MAILS  peddling  questionable  medications 
and  low-interest  loans  continue  to  irk  computer 
users  and  clog  corporate  networks  as  the  most 
common  types  of  spam,  according  to  security  ven¬ 
dor  Sophos  PLC.  But  a  relatively  new  category  of 
junk  e-mail  -  stock  scams  -  is  becoming  increas¬ 
ingly  prevalent. 

Researchers  from  SophosLabs  analyzed  the 
spam  received  in  its  global  network  of  spam  traps 
during  the  first  six  months  of  the  year.  They  found 
that  the  number  of  “pump  and  dump”  stock  scams 


had  increased  by  an  average  of  10%  per  month 
over  the  first  half  of  the  year,  to  the  point  where 
they  now  account  for  8.5%  of  all  spam. 

Pump-and-dump  campaigns  tend  to  run  for 
short  durations,  keeping  overall  volume  low. 
Although  some  of  the  information  provided  is 
accurate,  the  deceptive  and  unsolicited  nature 
of  the  messages  qualifies  them  as  spam.  Unso¬ 
licited  medication  e-mails,  including  offers  for 
generic  or  non-brand-name  versions  of  Viagra 
and  other  pharmaceuticals,  accounted  for  more 
than  40%  of  all  spam  traffic. 

The  good  news  is  that  pornographic  spam  is 
trending  downward,  though  it  still  accounts  for 
10%  of  all  junk  e-mail,  according  to  Sophos. 


Page  compiled  by  Tommy  Peterson. 


TOP  5 

SPAM  CAMPAIGNS 
REPORTED  TO  SOPHOS, 
JANUARY-JUNE  2005 


SOURCE:  SOPHOS  PLC 


DIFFERENCE  ENGINES 


ered  an  important  step  in  the  history  of 
computing  hardware.  The  ability  to 
change  the  pattern  of  the  loom’s  weave 
by  simply  changing  cards  was  an  impor¬ 
tant  conceptual  precursor  to  the  devel¬ 
opment  of  computer  programming. 

Specifically,  Charles  Babbage  planned 
to  use  cards  to  store  programs  in  his  An¬ 
alytical  Engine.  At  first  sight,  this  may 
seem  unremarkable,  but  it  was  a  clear 
turning  point  in  the  ability  to  store  and 
reuse  machine  instructions. 

Variations  on  Jacquard’s  punch  cards 
found  a  variety  of  uses,  including  repre¬ 
senting  the  music  to  be  played  by  auto¬ 
mated  pianos  popular  in  the  19th  and 
early  20th  centuries.  Herman  Hollerith 
used  punch  cards  for  tabulating  the 
1890  U.S.  census.  ©  56101 


Weaving 

Preceded 


is  a  mechanical 

loom  invented  by  French  silk  weaver 
and  inventor  Joseph  Marie  Jacquard  in 
1801  It  used  holes  cut  in  pasteboard 
punch  cards  to  control  the  weaving  of 
patterns  in  fabric.  The  loom  enabled 
even  unskilled  weavers  to  create  com¬ 
plex  designs.  Each  punch  card  corre¬ 
sponded  to  one  row  of  the  design,  and 
the  cards  were  strung  together  in  order. 

The  Jacquard  loom  was  the  first  ma¬ 
chine  to  use  punch  cards  to  control  a  se¬ 


quence  of  operations.  Although  it  did  no 
computation  based  on  them,  it’s  consid¬ 


Chips  With  Nanotuhe 
Sprinkles  From  UPenn 

■  PHYSICISTS  at  the  University  of 
Pennsylvania  have  deveioped  a  method 
to  create  functional  electronic  circuits  by 
dipping  semiconductor  chips  into  liquid 
suspensions  of  carbon  nanotubes  rather 
than  growing  the  nanotubes  directly  on 
the  circuits. 

Nanotubes,  tiny  tubes  composed  of 
carbon  atoms,  can  be  either  semicon¬ 
ducting  or  metallic,  the  latter  being  highly 
conductive  to  electricity.  Semiconducting 
nanotubes  make  exceptional  transistors, 
which  is  why  so  much  attention  has  been 
devoted  to  finding  a  way  to  use  them  in 
electronics. 

Most  nanotube  circuits  have  been 
made  by  growing  nanotubes  on  the 
surface  of  a  chip.  Unfortunately,  this 
method  results  in  a  circuit  comprising 
both  types  of  nanotubes  with  large 
diameters.  Small-diameter  nanotubes 
are  better  for  switches. 

The  UPenn  researchers  said  they  can 
create  a  large  batch  of  small-diameter 
nanotubes  in  solution  and  separate  out 
the  semiconducting  nanotubes.  Then 
they  can  place  them  in  the  proper  posi¬ 
tions  on  a  patterned  silicon  chip. 

They  deposit  the  nanotubes  by  dipping 
a  chip  covered  with  a  gluelike  substance 
into  the  nanotube  solution,  and  then  they 
wash  off  the  excess  glue  and  whatever 
solvents  remain.  “We  dip  the  chips  into 
nanotubes,  much  like  dipping  an  ice 
cream  cone  in  candy,"  said  Danvers 


Johnston,  a  graduate  student  in  associate 
professor  A.T.  Charlie  Johnson’s  laborato¬ 
ry  and  lead  author  of  the  study.  The  result¬ 
ing  circuits  take  advantage  of  the  unique 
electrical  properties  of  rianotubes  and 
can  be  produced  in  bulk. 

“The  only  way  to  make  faster  proces¬ 
sors  is  to  cram  more  transistors  together,” 
says  Johnson.  “Nanotubes  are  about  the 
smallest  transistors  that  exist  right  now.  So 
the  more  densely  they  can  be  packed  on  a 
chip,  the  faster  the  chips  can  become.” 


www.computerworld.com 


COMPUTERWORLD  August  22, 2005 


TECHN0L06Y 


Intellectual  Property 
Is  Focus  at  New  Job 

Our  security  manager  starts  a  new  position 
with  a  mandate  to  keep  company  IP  from 
walking  out  the  door.  By  Mathias  Thurman 


I  RECENTLY  RESIGNED  my 
position  after  four  years  to 
become  security  manager 
for  a  hardware  maker.  I  typ¬ 
ically  change  jobs  every  few 
years,  for  a  couple  of  reasons. 
The  first  is  to  be  exposed  to 
different  types  of  technol¬ 
ogies,  business  models  and 
cultures.  To  be  effective  in  the 
information  security  field,  it’s 
important  to  broaden  your 
horizons,  much  as  consultants 
who  work  on  short¬ 
term  projects  do. 

The  second  reason 
is  career  enhance¬ 
ment  and  salary.  We 
all  have  short-  and 
long-term  goals. 

Sometimes,  in  order 
to  attain  the  next  level  in  ca¬ 
reer  progression,  you  have  to 
take  a  new  position  in  a  new 
company.  Of  course,  there’s 
usually  a  change  in  title  and 
an  increase  in  compensation. 

I  started  the  new  position 
about  three  weeks  ago.  Right 
now,  I  have  a  staff  of  two  full¬ 
time  security  engineers  serv¬ 
ing  a  company  of  about  8,000 
employees  that  has  offices  in 
North  America,  Europe,  Asia 
and  the  Middle  East. 

The  company  had  no  securi¬ 
ty  manager  for  almost  a  year, 
and  with  security  absorbed  by 
multiple  departments,  there’s 
been  no  real  direction.  One  of 
my  short-term  projects  will 
be  to  develop  a  security  road 
map  and  include  enough  proj¬ 
ects  to  warrant  an  increase  in 
staff.  I  hope  to  expand  to  six 
employees. 

Win-Win- Lose 

Shortly  after  being  hired,  I  was 
presented  with  a  high-priority 
problem  that  can’t  be  solved 
quickly.  My  new  company 
makes  very  delicate  equip¬ 


ment  that  needs  to  be  calibrat¬ 
ed  and  maintained  frequently. 
In  order  to  deliver  this  level 
of  support,  the  company  pub¬ 
lishes  technical  manuals  that 
the  service  technicians  use 
as  they  work  on  the  various 
pieces  of  equipment  the  com¬ 
pany  produces.  This  service 
business  represents  a  signifi¬ 
cant  portion  of  the  company’s 
overall  revenue. 

The  problem  is  that  we’re 
losing  field  service 
technicians  and 
support  customers. 
Some  technicians 
have  been  quitting 
and  then  using  the 
service  manuals  we 
produce  so  they  can 
work  as  technical  consultants 
for  our  customers  at  a  dis¬ 
counted  price.  This  is  a  win- 
win-lose  situation,  and  it’s  my 
company  that’s  the  loser. 

That’s  just  the  beginning 
of  our  problems  with  holding 
on  to  intellectual  property  (IP). 
CAD/CAM  drawings,  source 
code  and  other  engineering 
documents  are  also  at  risk  of 
falling  into  the  wrong  hands. 
To  make  matters  worse,  a  sub¬ 
stantial  amount  of  our  design 
and  engineering  work  is  done 
overseas  for  cost  reasons,  and 
we  don’t  have  as  much  con¬ 
trol,  jurisdiction  or  recourse  in 
relation  to  what  foreign  em- 


IP  protection  is 
generally  approached 
using  one  of  two  major 
classes  of  products 
and  technologies. 


ployees  do.  Plus,  the  culture  in 
some  of  these  places  encour¬ 
ages  industrial  espionage  as  a 
way  to  stimulate  the  local 
economy. 

We  don’t  want  to  see  a  com¬ 
petitor  come  out  with  a  prod¬ 
uct  similar  to  ours,  designed 
from  our  engineering  docu¬ 
ments.  Making  sure  that  this 
doesn’t  happen  is  a  major 
strategic  objective  for  the 
company,  and  I  have  been  as¬ 
signed  to  figure  out  how  we’re 
going  to  protect  this  intellec¬ 
tual  property.  So  here  I  am, 
just  a  few  weeks  on  the  job, 
with  all  sorts  of  security  issues 
to  deal  with,  and  I  have  to 
spend  the  majority  of  my  time 
addressing  IP  protection. 

Schools  of  Thought 

IP  protection  is  generally  ap¬ 
proached  using  one  of  two 
major  classes  of  products 
and  technologies,  which  rep¬ 
resent  two  distinct  schools  of 
thought.  The  first  involves 
monitoring  activity.  Software 
is  installed  on  each  employee’s 
desktop  so  that  we  can  moni¬ 
tor  how  individuals  handle  IP 
and  can  then  take  action  such 
as  blocking  or  reporting.  We 
can  also  monitor  the  network 
traffic  and  look  for  key  words 
or  phrases  indicative  of  our  IP 
leaving  the  company. 

The  other  school  of  thought 
is  to  employ  digital  rights 
management  (DRM)  and  its 
cousin,  enterprise  rights  man¬ 
agement  (ERM).  DRM  allows 
you  to  “wrap”  a  document. 

The  document  is  encrypted, 
and  the  wrapper  contains  in¬ 
formation  on  who  can  read  the 
document  and  what  rights 
each  person  has  for  control¬ 
ling  the  document.  If  executed 
properly,  DRM  can  effectively 
address  concerns  about  docu¬ 
ments  leaving  the  company.  If 
the  recipient  of  a  document 
isn’t  authorized  to  view  it, 
then  the  document  is  useless 
to  that  individual.  The  trick 


is  making  sure  that  DRM  is 
deployed  properly;  if  it  isn’t, 
the  protections  it  can  afford 
are  lost. 

To  address  my  company’s  IP 
protection  needs,  I  may  end 
up  using  both  technologies. 

I  wanted  to  get  a  better  un¬ 
derstanding  of  the  DRM  tech¬ 
nology,  so  I  attended  a  recent 
conference  in  New  York.  As 
it  turned  out,  it  seemed  as  if 
about  70%  of  the  attendees 
were  in  the  entertainment  in¬ 
dustry,  meaning  that  they 
were  interested  in  what  DRM 
technology  can  do  protect  IP 
in  the  form  of  digital  music 
and  video.  This  made  me  sus¬ 
pect  that  this  technology  is  for 
the  most  part  still  in  its  infan¬ 
cy  when  it  comes  to  ERM,  and 
that  suspicion  was  confirmed 
for  me  after  I  attended  some 
of  the  sessions  and  spoke  to 
the  vendors. 

No  single  company’s  prod¬ 
uct  can  address  all  of  my 
needs.  For  the  short  term,  I’m 
looking  for  a  way  to  protect 
Adobe  PDF  files  and  Micro¬ 
soft  Office  documents,  which 
are  used  for  the  majority  of 
our  most  valuable  IP,  such  as 
those  service  manuals.  But  as 
I  mentioned,  we  also  need  to 
protect  CAD/CAM  docu¬ 
ments,  source  code  and  other 
types  of  IP. 

The  problem  is  that  there 
aren’t  any  products  designed 
to  protect  everything.  Some 
are  good  at  protecting  PDFs 
and  Office  documents  but  can 
do  nothing  to  keep  source 
code  safe.  Others  do  a  good 
job  of  protecting  CAD/CAM 
drawings  but  don’t  address 
Office  documents. 

Over  the  next  couple  of 
months,  I  will  take  a  more  de¬ 
tailed  look  at  this  technology, 
set  up  a  proof-of-concept  proj¬ 
ect  and  see  which  vendors  and 
technologies  best  fit  this  very 
dynamic,  out-of-control  envi¬ 
ronment.  I 

WHAT  DO  YOU  THINK? 

This  week’s  journal  is  written  by  a  real  securi¬ 
ty  manager,  “Mathias  Thurman,"  whose 
name  and  employer  have  been  disguised  for 
obvious  reasons.  Contact  him  at  mathias_ 
thurman@yahoo.com,  or  join  the  discussion 
in  our  forum:  QuickLink  a1590 

To  find  a  complete  archive  of  our 
Security  Manager’s  Journals,  go  online  to 

O  computerworld.com/secjournal 


SECURITY 

MANAGER’S 

JOURNALfi 


Security  Bookshelf 

■  The  Art  of  Intrusion:  The 
Real  Stories  Behind  the  Ex¬ 
ploits  of  Hackers,  Intruders  & 
Deceivers,  by  Kevin  D.  Mitnick 

and  William  L.  ^ . 

Simon  (John 
Wiley  &  Sons, 

2005). 

This  book  is  both 
entertaining  and 
educational.  The 
notorious  Mitnick 
and  his  co-author 
have  compiled 
some  very  infor¬ 
mative  and  realis¬ 
tic  stories  on  a  wide  variety  of 
information  security  topics. 
Because  intellectual  property 
is  a  priority  for  me,  I  enjoyed 
reading  the  chapter  titled 
“Your  Intellectual  Property 
Isn’t  Safe.”  With  tales  of  hack¬ 
ing  casinos,  phone  phreaking 
within  prison  walls  and  more, 
this  book  provides  insight  into 
the  mind  of  a  hacker  and  the 
common  (and  not-so-com- 
mon)  approaches  to  gaining 
unauthorized  access. 

-Mathias  Thurman 

Juniper  Upgrades 
Firewall,  VPN 

Juniper  Networks  Inc.  beefed 
up  its  security  offerings  with 
faster  and  more  capable  hard¬ 
ware  modules  for  its  high-end 
firewall  and  VPN  systems.  The 
company  introduced  the  8G2 
and  2XGE  Secure  Port  Mod¬ 
ules  for  the  Juniper  Networks 
NetScreen-5000  Series  Fire¬ 
wall  and  VPN  systems.  They 
are  available  now. 

Wjjjt  $ 

Symantec  Patches 
Critical  Veritas  Bug 


Symantec  Corp.  has  released 
software  that  fixes  critical  vul¬ 
nerabilities  in  the  company’s 
Veritas  Backup  Exec  and  Veri¬ 
tas  NetBackup  software.  A 
flaw  in  the  Network  Data  Man¬ 
agement  Protocol  agent  could 
let  an  attacker  gain  access  to 
the  system  and  download  files, 
according  to  Symantec.  De¬ 
tails  on  the  vulnerability  and 
links  to  the  patches  can  be 
found  at  QuickLink  a6880  at 
www.computerworld.com. 


BRIEFS 


Business  Objects 
Supports  Appliance 

Business  Objects  SA  and  Datalle- 
gro  Inc.  announced  enhanced 
interoperability  between 
BusinessObjects  XI  business  in¬ 
telligence  software  and  Datalle- 
gro’s  data  warehouse  appliance. 
The  appliance  will  enable  XI  to 
support  more  users,  offer  faster 
warehouse-loading  times  and 
increase  ad  hoc  query  capabili¬ 
ties.  Datallegro’s  appliances, 
which  support  up  to  25TB  of 
data,  start  at  $450,000. 


Centennial  Unveils 
DeviceWall  3.0 

Centennial  Software  Inc.  has  re¬ 
leased  DeviceWall  3.0,  software 
that  protects  against  data  theft 
and  unauthorized  network  access 
by  mobile  devices.  DeviceWall 
can  also  secure  Bluetooth,  infra¬ 
red  and  Wi-Fi  connections.  Pric¬ 
ing  starts  at  $10  per  seat. 


Progress  Product 
Embraces  Eclipse 

Progress  Software  Corp.  an¬ 
nounced  that  it  has  joined  the 
Eclipse  Foundation  open-source 
community  and  introduced  new 
Eclipse-based  development  tools. 
OpenEdge  Architect,  which  is  part 
of  Progress  OpenEdge  10.1,  is  an 
environment  designed  to  support 
application  development  in  a 
service-oriented  architecture. 
The  software,  due  to  ship  next 
month,  includes  improved  lan¬ 
guage  capabilities  and  compo¬ 
nent  services  for  developing 
applications. 


Tool  for  Wireless 
Support  Debuts 

Devicescape  Software  Inc.  an¬ 
nounced  the  Devicescape  Wire¬ 
less  Operations  Center.  The  soft¬ 
ware,  available  now,  lets  help 
desk  personnel  and  others  check 
wireless  access  points  to  isolate 
and  resolve  problems.  Pricing 
starts  at  $100  per  managed 
access  point  for  up  to  10  APs. 


ROBERT  L.  MITCHELL 


Awaiting  the  PC  Killers 


THE  MALICIOUS  CODE  enters  your  net¬ 
work  undetected,  rapidly  infecting  more 
than  100  machines.  But  this  is  no  ordinary 
virus.  Your  antivirus  and  disk  recovery 
tools  can’t  help,  because  the  disk  drives 
won’t  spin  up  at  all.  The  drives  are  toast.  The  PCs  are 
completely  inoperable. 

The  era  of  microcode  attacks  has  begun. 


Could  viruses  really 
attack  the  low-level 
microcode  that  makes 
disk  drives  run?  It’s  entire¬ 
ly  possible,  disk  technol¬ 
ogy  experts  say.  Dimitri 
Postrigan  knows  how  such 
a  virus  might  be  created 
—  but  he’s  not  telling. 

Postrigan  reverse-engi¬ 
neers  and  programs  hard 
disk  drives  at  ActionFront 
Data  Recovery  Labs. 

He  says  each  disk  drive 
has  its  own  internal  oper¬ 
ating  system  that  enables  the  device  to 
start  up.  The  operating  system  micro¬ 
code  resides  in  a  special  system  area 
of  the  disk.  “A  virus  could  be  written 
which  would  destroy  the  whole  sys¬ 
tem  area  on  a  drive.  This  will  make  the 
drive  and  data  almost  unrecoverable,” 
Postrigan  says. 

That  nightmare  scenario  also  both¬ 
ers  Ben  Carmichael,  technical  director 
of  ESS  Data  Recovery.  “In  the  data  re¬ 
covery  industry,  we’ve  been  waiting 
around  for  this  to  happen.  We’ve  writ¬ 
ten  programs  to  restore  hard  drives. 
We  could  easily  write  a  program  to 
destroy  [them],”  he  says.  He  worries 
that  others  with  fewer  scruples  could 
create  a  fast-spreading  virus  that  caus¬ 
es  massive  destruction  of  data. 

The  idea  of  a  microcode  attack  goes 
beyond  hard  drives,  says  Thor  Lar- 
holm,  senior  security  researcher  at 
PivX  Solutions.  Microcode  is  found 
in  other  PC  components,  including 
graphics  cards,  the  BIOS  and  the  CPU. 
Both  Intel  and  AMD  offer  microcode 


utilities,  complete  with 
source  code  that  could  be 
used  to  physically  damage  a 
CPU  by  severely  overclock¬ 
ing  it,  Larholm  says. 

So,  why  haven’t  such  ex¬ 
ploits  been  more  common? 
Fortunately,  it’s  not  that 
easy  to  do.  Viruses  thrive 
on  homogeneity.  While  all 
PCs  may  look  the  same  at 
the  Windows  level,  at  the 
machine  level,  things  can 
be  very  different,  making  a 
broad  attack  more  difficult 

to  pull  off. 

Years  ago,  someone  wrote  a  virus 
that  attempted  to  overwrite  the  flash 
memory  area  of  a  PC’s  BIOS,  but  its 
success  was  limited  because  there  are 
so  many  different  BIOS  implementa¬ 
tions,  says  Sean  Barry,  remote  data 
recovery  manager  at  Ontrack  Data 
Recovery. 

Similarly,  the  way  in  which  one  ac¬ 
cesses  the  service  area  of  a  hard  disk 
varies  by  manufacturer.  That  means  a 
virus  would  have  to  include  code  for 
each  brand  its  creator  wanted  to  tar¬ 
get.  The  proprietary  tools  and  codes 
required  also  aren’t  readily  available 
to  the  layperson.  Postrigan  says  he 
personally  has  tried  to  find  such  infor¬ 
mation  on  the  Internet  and  through 
other  channels,  without  success.  He 
gained  the  knowledge  through  the 
time-consuming  process  of  reverse¬ 
engineering  the  products. 

But  Carmichael  says  that  knowledge 
is  spreading.  Old  hard  drives  are  rou¬ 
tinely  shipped  to  Russia,  where  the 


ROBERT  L.  MITCHELL  IS 

Computerworld' s  senior 
features  editor.  Contact 

him  at  robert_mitchell@ 
computerworld.com. 


business  of  repairing  old  hard  disk 
drives  for  resale  is  flourishing.  He 
notes  pointedly  that  many  viruses 
today  come  from  that  region.  How  big 
a  step  would  it  be  for  that  information 
to  be  shared? 

Very  big,  says  Bruce  Schneier,  chief 
technology  officer  at  Counterpane  In¬ 
ternet  Security.  Disk  drive  experts  may 
reside  in  the  same  country  as  mali¬ 
cious  hackers  but  that  doesn’t  mean 
the  two  groups  are  any  more  likely  to 
share  information  than  they  would  in 
the  U.S.,  he  says. 

In  addition,  professionals  like 
Carmichael  and  Postrigan,  who  have 
the  determination  to  develop  such 
skills,  tend  to  develop  a  sense  of  moral 
responsibility.  “Society  is  saved  by  that 
a  lot,”  Schneier  says. 

The  public  may  also  give  virus  writ¬ 
ers  too  much  credit.  Most  simply 
aren’t  that  good.  Existing  viruses  tend 
to  be  quite  buggy,  while  efforts  at 
more  difficult,  hardware-based  at¬ 
tacks,  such  as  attempts  to  overwrite 
disk  controllers,  have  attained  only 
mediocre  results,  Schneier  says.  Most 
writers  look  for  the  easiest  route  to 
destruction.  Why  do  all  that  research 
when  you  can  simply  erase  the  data? 

Schneier  thinks  that  only  one  type 
of  organization  would  be  likely  to  ap¬ 
ply  the  skills  necessary  to  pull  off  such 
attacks.  “You  can  imagine  that  the  gov¬ 
ernment  has  in  its  back  pocket  mali¬ 
cious  code  that  does  these  sort  of 
things  for  military  use,”  he  says. 

Nonetheless,  while  an  imminent  at¬ 
tack  by  virus  writers  may  be  unlikely, 
Schneier  acknowledges  that  ultimate¬ 
ly,  Carmichael  may  be  right.  “Sooner 
or  later,  someone  is  going  to  say,  ‘Let’s 
really  hurt  people.’  It’s  unfortunate,” 
he  says.  That  possibility  —  a  remote 
one,  I  hope  —  is  just  one  more  reason 
to  keep  your  antivirus  software  up  to 
date.  O  56155 


WANT  OUR  OPINION? 

OFor  more  columns  and  links  to  our  archives,  go  to 

www.computenfvorld.com/opmions 


After  a  long 


DROUGHT, 


Now  that  the  IT  hiring  climate  is  finally  perking  up,  it's  important  to 
cultivate  the  right  connections.  And  that's  where  Robert  Half  Technology 
can  definitely  help.  With  over  100  offices  nationwide  —  staffed  with 
hiring  managers  who  really  know  the  IT  marketplace  —  we  have 
access  to  some  of  the  most  interesting  opportunities  and  cutting-edge 
technology  companies.  Plus  we  offer  competitive  pay,  great  benefits 
and  a  world-class  online  training  program.  So  whether  it's  contract 
or  full-time  opportunities  you're  after,  call  Robert  Half  Technology 
today.  And  watch  your  career  take  root  again. 


WE  GET  IT.  WE  SPEAK  IT.  WE  KNOW  IT. 


< 

< 

►n 

M  > 

O 

O 

O 

O 

RH 

Robert  Half 

Technology 


Information  Technology  Professionals 


A  Robert  Half  International  Company 


800.793.5533  •  rht.com 


©  Robert  Half  Technology.  EOE  0405-4201 


08.22.05 


Managers’  Forum 

How  does  a  busy  IT  leader 
learn  to  say  no?  Paul  Glen  has 
a  suggestion  that  can’t  miss, 
along  with  other  advice  for 
IT  managers  and  pushback 
from  readers.  Page  37 


Career  Watch 

CIO  Andrew  Armishaw  of  HSBC  offers  IT 
career  advice.  Plus,  a  study  provides  insight 
into  how  confident  IT  workers  are  about 
holding  on  to  their  jobs,  and  a  poll  reveals 
that  interest  in  computer  science  continues 
to  wane  among  undergrads.  Page  40 


This  IT  project 
manager  was 
skeptical  about 
taking  on  a  per- 
sonalcoacn. 

Six  months  later, 
she’s  a  believer. 

BY  KATHLEEN  MELYMUKA 

HEY  DON’T  call  Missouri 
the  Show-Me  State  for 
nothing.  People  there  aren’t 
easily  taken  in  by  claims 
and  promises;  they  want 
proof.  So  it  isn’t  surprising 
that  when  IT  project  man¬ 
ager  Destiny  Moneysmith 
found  out  last  fall  that  she 
was  about  to  get  a  personal 
coach,  she  was  less  than  enthusiastic. 

“I  was  very  skeptical,”  she  recalls.  “My 
past  experience  with  consultants  on 
projects  had  been  less  than  satisfactory.” 

Why  was  Moneysmith,  who  had 
worked  in  IT  at  Truman  Medical  Cen¬ 
ters  Inc.  (TMC)  in  Kansas  City  for 
three  years,  getting  a  coach?  CIO  Bill 
McQuiston  had  selected  her  to  lead  a 


OPINION 

CEOs:  Think  Through 
Your  CIO  Choice 

Paul  Ingevaldson  says  one  type  of  CIO 
doesn’t  fit  all  companies.  He  offers 
CEOs  some  critical  advice  about  how 
to  choose  the  right  one.  Page  41 


three-person  team  in  an  organization- 
wide  information  needs  assessment. 

“We  would  be  asking  executives,  ad¬ 
ministrators,  directors  and  managers 
throughout  the  business  about  infor¬ 
mation  needs,  ranging  from  data  and 
systems  needs  to  information  to  take 
care  of  patients,  to  information  needed 
to  run  day-to-day  operations  — 
basically  any  information  that  flows,” 
Moneysmith  said,  describing  the  start 
of  the  project. 

But  McQuiston  noticed  that  the  team 
had  a  hard  time  getting  started. 

“There  was  some  intimidation 
about  working  with  the  highest  people 
in  the  organization  and  some  confi¬ 
dence  issues  about  whether  they  could 
accomplish  a  project  of  that  magni¬ 
tude,”  he  says. 

McQuiston  decided  to  engage  a 
coach  to  walk  Moneysmith  and  the 
team  through  the  process.  Enter  con¬ 
sultant  Gwen  Walsh  from  Bedford, 
N.H.-based  Ouellette  &  Associates 
Consulting  Inc.,  a  firm  TMC  had 
had  good  experiences  with  in  work¬ 
shops  and  related  services.  Here’s  how 
the  coaching  engagement  played  out: 

OCTOBER  2004 

McQuiston  asks  Moneysmith  and 
Walsh  to  talk,  and  they  have  the  first  of 
several  phone  conversations  about  the 
project  and  what  Walsh  can  bring  to  it. 

Walsh  immediately  picks  up  on 
Moneysmith’s  hesitancy  about  being 
coached.  “I’m  getting  that  you’re  not 
trusting  me,”  she  tells  the  project  man¬ 
ager,  who  confesses  her  lack  of  enthu¬ 
siasm  for  the  idea. 

Walsh  responds  by  talking  about  her 
experience  with  similar  IT  projects, 
and  Moneysmith  agrees  to  give  it  a  try. 
They  follow  up  with  several  calls  and 
e-mails  before  the  engagement  begins. 

In  those  early  conversations.  Money- 
smith  talks  about  what  she  wants:  help 
with  the  project  charter,  strategies  and 
work  breakdown  structure.  “If  we  had 
extra  time,  I  had  other  things  we  could 
work  on,”  she  recalls.  “I  wanted  to 
make  sure  we  got  our  money’s  worth.” 


38 


COMPUTERWORLD  August  22, 2005 


MANAGEMENT 


www.computerworld.com 


Smart  managers  don’t  assign  coaches  to  losers;  they  assign  them  to  winners 
with  great  potential  for  growth.  How  can  you  tell  if  you  or  one  of  your  staff 
would  do  well  with  a  personal  coach?  Here’s  what  a  good  candidate 
for  coaching  looks  like,  according  to  Gwen  Walsh,  a  coach  at 

Ouellette  &  Associates  Consulting. 

■  Thinks  like  a  business  leader 

■  Encourages  key  colleague  input 

■  Sees  the  big  picture 

*  Acts  on  advice 

■  Acknowledges  opportunities  for 
self-improvement 

■  Seeks  clarification 

»*>  ease  am  aw  xtm  areas  sfcsn  t*m  sex*  mm  saw  isms  wi  «sw  dm* 

■  Practices  continuously 

■  Exudes  drive  and  commitment 

■  Reflects  on  good  and  bad 
outcomes 

■  Focuses  on  the  right  goals 

■  Embraces  change 

wkm  fans  ww  m w  nv  awss  m*  mm  mm  mm  mu  eta*  hvw 

■  Commits  to  the  work 

■  Rebounds  quickly 

■  Celebrates  successes 

1 


1 

| 


SHOW  Me 


NOVEMBER  2004 

Walsh  begins  providing  TMC’s  team 
with  the  nuts-and-bolts  skills  required 
to  manage  the  needs  assessment.  By 
late  November,  the  team  is  document¬ 
ing  requirements,  strategies  and  the 
project  charter  and  plan.  And  Walsh  is 
broadening  her  contribution.  “We  saw 
that  she  had  all  these  other  skills,  so 
we  tapped  her  for  all  the  resources  we 
could  get,”  Moneysmith  says. 

Walsh  begins  working  on  each  team 
member’s  personal  development,  of¬ 
fering  tips  and  techniques  to  practice 
on  one  another. 

“One  of  the  things  was  body  lan¬ 
guage,”  Moneysmith  says.  “When  we 
sat  in  meetings,  we  tended  to  nod  that 
we  understood.  But  Gwen  coached  us 
that  this  is  often  perceived  as  ‘I  agree,’ 
not  just  ‘I  understand  and  am  listen¬ 
ing.’  She  pointed  out  that  we  might 
have  been  sending  mixed  signals.  So 
now  when  we  have  conversations 
among  ourselves,  we  say,  ‘Hey,  you’re 
doing  it  again  —  are  you  understand¬ 
ing  or  agreeing?’  ” 

DECEMBER  2004 

Walsh  works  on  getting  the  team  mem¬ 
bers  to  be  more  assertive.  “We  realize 
we  need  to  be  more  verbal  in  meet¬ 
ings,”  Moneysmith  says.  “My  personal 
challenge  is  to  ‘blurt.’  When  things 
come  up  that  bother  me,  I  can’t  sit 
back  and  think  about  it  while  nodding 
my  head.  I  need  to  bring  it  out  on  the 
table.” 

The  team  members  begin  to  speak 
up  at  departmental  meetings,  and  they 
see  results  almost  immediately.  “It’s 
been  very  positive,”  Moneysmith  says. 
“When  we  have  something  to  say,  we 
say  it,  and  people  are  listening  to  us.” 

JANUARY  2005 

As  Walsh  sees  opportunities  for  devel¬ 
opment,  she  suggests  tips  and  tech¬ 
niques,  including  the  following: 

*  Assertiveness:  Recraft  e-mails  to  be 
more  direct  when  communicating  with 
the  boss.  Instead  of  saying,  “Can  we  do 
this?”  say,  “This  is  what  we  want.” 

8  Empowerment:  Instead  of  asking  for 
permission  to  proceed,  feel  confident 
enough  to  move  forward  with  your  ideas 
and  then  send  your  manager  a  note. 

■  Communication:  Be  firm  and 
straightforward.  Instead  of  sending 
wishy-washy  messages  that  ask  for 


help  but  give  the  recipient  an  easy  out, 
say,  “This  is  what  I  need  by  this  date.” 

■  Difficult  situations:  Present  the  facts, 
even  if  they  are  harsh,  then  work  out  a 
solution.  Focus  on  the  data,  process 
and  fix. 

As  the  team  becomes  more  com¬ 
fortable  with  Walsh,  they  add  their 
own  items  to  the  coaching  agenda. 
“We’ve  opened  up  and  asked  for  assis¬ 
tance,”  Moneysmith  says.  “For  exam¬ 
ple,  in  the  hallway  someone  said,  ‘Hey 
what  do  you  actually  do  in  your  job?’  I 
took  it  as  insulting,  but  Gwen  said, 
‘This  is  an  opportunity  for  you  to  mar¬ 
ket  yourself.’  ” 

Walsh  then  helps  the  group  to  fash¬ 
ion  “marketing  lines,  tag  lines  and 
comeback  lines”  to  use  in  various 
situations. 

FEBRUARY  2005 

Team  members  have  gained  enough 
confidence  to  try  stepping  out  of  their 
comfort  zones.  Previously,  Money- 
smith  had  run  the  meetings  with  busi¬ 
ness  people,  but  now  the  others  try 
that  role.  “It’s  safe  because  the  other 
two  are  there  to  jump  in  and  back  you 
up  if  you  need  help,”  she  explains. 
“You’re  not  by  yourself.” 

Walsh  continues  to  help  the  team 
improve  its  project  management  skills 
and  personal  skills  in  tandem.  For  ex¬ 
ample,  they  begin  work  on  a  project 
prioritization  matrix  by  asking  the  IT 
directors  how  the  company  and  IT  pri¬ 
oritize  projects.  They  find  that  the 
process  is  neither  formal  nor  docu¬ 
mented. 

The  team  members  formalize  the 
process  the  directors  describe,  adding 
weights  and  values  to  rate  and  score 


The  cost  of  a  coaching  engagement 
is  highly  variable.  “Typically,  you 
outline  a  scope  of  work  to  be  con¬ 
ducted  over  time,”  says  Truman 
Medical  Centers  CIO  Bill  McQuiston. 
“Then  you  count  on  x  days  per 
month  for  preparation  and  on-site 
delivery.  You  estimate  it  based  on 
what  you’re  trying  to  accomplish, 
and  you  negotiate  until  you’ve  got 
the  scope,  cost  and  time  frame 
you’re  looking  for.” 

For  a  good  coach,  you  should  ex¬ 
pect  to  pay  S250  to  $350  an  hour,  or 
about  S2,700  a  day,  he  adds. 

Was  it  worth  it?  “Absolutely,” 
McQuiston  says.  “Worth  every  cent.” 

-  Kathleen  Melymuka 


any  project  through  hard  data  rather 
than  gut  feel.  Then  they  practice  their 
soft  skills.  “When  we  took  it  back  to 
the  directors,  we  had  to  present  that 
tactfully  so  they  would  accept  it,” 
Moneysmith  explains.  “We  didn’t  want 
them  to  feel  we  were  telling  them  how 
to  do  their  jobs.” 

Moneysmith  is  stepping  into  her 
leadership  role.  She  realizes  that  she 
has  taken  the  coaching  agenda  out  of 
Walsh’s  hands.  “In  the  early  meetings, 
I’d  be  rushing  around  making  sure  I 
got  my  action  items  done,”  she  recalls. 
“Now,  I  usually  have  an  agenda.” 

“Blurting”  has  become  so  second  na¬ 
ture  that  during  departmental  meet¬ 
ings,  attendees  turn  to  Moneysmith 
with  an  expectant  “Aren’t  you  going  to 
say  anything?” 

“When  she  learned  to  blurt  it  out,  it 
was  like  a  light  switch  turned  on,  and 
she  hasn’t  turned  it  off  since,”  Walsh 
says. 

MARCH  2005 

The  project  is  nearly  done.  Walsh 
coaches  the  team  on  how  to  analyze 
fmdings,  document  their  analysis  and 
get  buy-in  from  the  departments  on 
their  methodology.  Once  the  analysis  is 
complete,  they  practice  presenting  the 
information  to  better  handle  difficult 
questions  from  the  audience. 

In  this  final  round,  they  are  still 
simultaneously  working  on  personal 
growth.  Moneysmith’s  new  focus  is 
delegating  project  tasks. 

“Gwen  has  helped  me  realize  I  can’t 
do  everything,”  she  says.  “She  showed 
me  how  to  stay  connected  but  not  do 


the  work  —  how  I  can  still  check  up 
on  it,  but  I  don’t  have  to  own  it.” 

APRIL  2005 

The  team  gives  its  final  presentation. 
“It  went  great  —  very  smooth,  and 
nothing  they  threw  at  us  caused  us  any 
concern,”  Moneysmith  reports.  A  week 
later,  after  focusing  on  lessons  learned, 
the  group  is  ready  for  a  new  project. 

CIO  McQuiston  says  the  engage¬ 
ment  was  a  big  success.  “I  see  a  physi¬ 
cal  difference  [in  Moneysmith],”  he 
says.  “I  see  a  person  who  is  more  con¬ 
fident  and  more  able  to  confront  issues 
and  ideas.  She  shows  a  lot  more  bold¬ 
ness,  in  a  good  way. 

“[The  team]  served  up  an  end  prod¬ 
uct  that  was  on  time,  well  organized 
and  very  useful,”  McQuiston  adds. 
“There’s  no  question  the  project  was  a 
success.  It  will  serve  as  a  guidepost  for 
us  developing  our  capital  expenditure 
plan  and  everything  else.” 

Everyone  was  impressed  with  the 
team,  he  adds.  “And  when  I  started  to  get 
‘Can  they  work  on  my  project?’  I  know 
there’s  something  positive  happening.” 

Moneysmith  knows  it,  too.  “When  I 
started  out,  I  was  kind  of  scared  of  the 
project;  I  hadn’t  done  something  in 
this  manner  before.  I  questioned  my 
ability  and  how  everybody  would  re¬ 
act,”  she  recalls.  “Now  I  don’t  think  I’m 
scared  about  tackling  anything  they 
throw  our  way.”  ©  56055 

GET  THE  MOST  FROM  YOUR  COACH 

Tips  from  a  pro  on  how  to  get  your  money’s  worth: 

QuickLink  56058 
www.computerworld.com 


www.computerworld.com 


MANAGEMENT 


COMPDTERWORLD  August  22, 2005 


37 


alongside  in 


I  hope  this  monthly 
column  will  pro¬ 
vide  a  lively  ex¬ 
change  of  ideas 
with  IT  managers. 
I’ll  do  my  best 
to  answer  your 
questions,  and 
some  of  your 
responses  will  run 
Readers  Talk  Back.” 


PLEASE  SEND  YOUR  QUESTIONS. 
COMMENTS  AND  CRITIQUES  TO  ME  AT 

PGLEN@C2-C0NSULT1N6.C0M 


HAn  industry  group  has  asked  me  to 
do  a  speech.  While  flattering,  it 
would  be  too  much  work,  given  the 
value  to  be  gained  by  me  or  my  organization. 
They  are  being  very  aggressive  with  their  in¬ 
vitation,  and  I’m  afraid  that  they  may  want 
to  try  to  negotiate  rather  than  take  no  for 
an  answer.  How  do  I  say  no  politely  without 
trashing  the  relationship?  There  are  times 
when  saying  no  is  difficult  without 
jeopardizing  a  professional  relation¬ 
ship,  especially  when  people  are  being 
very  aggressive  about  their  requests. 

In  your  case,  telling  the  truth,  the 
whole  truth  and  nothing  but  the  truth 
would  probably  be  too  harsh.  At  the 
same  time.  I’m  not  a  big  fan  of  little 
white  lies.  It’s  best  to  stick  to  the  facts. 

However,  when  people  don’t  want  to 
take  no  for  an  answer,  giving  them  too 
many  facts  is  an  invitation  to  a  negotia¬ 
tion.  They’ll  try  to  pin  you  down,  prov¬ 
ing  that  you  can  do  it  after  all.  Before 
you  know  it,  you’ll  not  only  be  speak¬ 
ing  at  their  conference,  you’ll  also  be 
hosting  a  panel  and  writing  articles  for 
their  newsletter. 


The  most  effective  approach  is  to 
stick  to  the  facts  about  your  own  feel¬ 
ings.  So  I’d  suggest  a  reply  like  this: 
“While  I  appreciate  the  invitation,  I’ve 
already  taken  on  a  large  number  of 
commitments  and  don’t  feel  comfort¬ 
able  taking  on  any  more  right  now.” 

There  won’t  be  a  discussion  of  how 
many  commitments  you  have.  It’s 
about  your  feelings  about  those  com¬ 
mitments.  Who  can  argue  with  that? 

HWhen  you  have  an  outstanding 

employee  and,  because  of  the  cor-  ! 
porate  rules,  you  can’t  reward  him  j 
with  promotions  and/or  nonstandard  salary 
increases,  what  do  you  do?  There  are 
many  ways  of  rewarding  outstanding 
performance,  but  before  addressing  the  ; 
possibilities,  let’s  take  a  quick  look  at  j 
the  options  you  mentioned,  which  are 
often  overrated. 

In  organizations  where  nonstandard 
salary  increases  are  possible,  they  can 
be  a  great  tool.  For  someone  who  con¬ 
sistently  performs  beyond  expecta¬ 
tions,  a  salary  boost  can  be  a  good  way  ; 
of  recognizing  the  long-term  value  de¬ 
livered.  But  too  often,  I  see  managers 
eager  to  hand  out  salary  increases  as 
rewards  for  one-time  greatness.  Salary  [ 
increases  are  gifts  that  keep  on  giving  | 
—  and  taking  away.  The  employee  is 
paid  every  year  for  something  done 
long  ago.  But  raises  can  also  foster  ex¬ 
pectations  that  every  episode  of  great¬ 
ness  will  be  met  with  a  permanent  re-  ! 
ward.  Bonuses  may  be  a  better  way  to 
go.  One-time  value  delivery  is  reward¬ 
ed  with  one-time  cash. 

Also,  be  careful  when  handing  out 
promotions.  Just  because  people  per-  | 
form  exceptionally  in  one  position 
doesn’t  necessarily  mean  that  they’re  I 


ready  for  the  next  higher  job.  If  a  pro¬ 
motion  transforms  how  someone  deliv¬ 
ers  value  to  the  organization,  it  should 
be  bestowed  on  someone  who’s  ready 
to  accept  the  new  responsibilities. 

So  how  can  you  reward  your  star 
performers?  Here  are  a  few  ideas: 

■  Cool  work.  Give  the  most  interesting 
assignments  to  top  performers  who  will 
love  doing  them.  Include  appropriate 
technical  and  managerial  training. 

■  Recognition.  A  public  thank  you  and 
recognition  of  outstanding  work  can 
go  a  long  way,  especially  if  you  com¬ 
bine  it  with  some  other  reward.  Recog¬ 
nition  alone  can  seem  a  bit  hollow. 

■  Status  symbols.  While  we  don’t  like  to 
talk  about  this  one,  it  can  be  remark¬ 
ably  powerful.  At  heart,  we  are  pack 
animals  and  have  a  strong  desire  to 
display  our  place  in  the  pecking  order. 
(Does  a  Mercedes  get  you  to  work  any 
faster  than  a  Chrysler?) 

What  you  need  to  do  is  figure  out 
the  status  symbols  in  your  company. 
The  classics  include  office  location, 
size,  furnishings  and  configuration 
(such  as  a  door).  At  one  consulting  or¬ 
ganization  I  worked  for,  none  of  us  had 
offices,  so  we  had  to  find  another  way 
of  showing  rank.  Status  was  denoted 
by  cell  phone.  (Clearly,  this  was  a 
while  ago.)  If  the  company  issued  you 
a  phone,  you  were  important.  Then, 
within  the  cell-phone-bearing  crowd, 
status  was  shown  through  phone  size. 
The  smaller  the  phone,  the  more  im¬ 
portant  you  were. 

Silly  as  it  may  seem,  people  paid  at¬ 
tention  to  this.  So  don’t  underestimate 
the  value  of  psychic  rewards. 

HI  am  the  interface  between  IT  and 
one  major  user  group.  How  do  I 
protect  my  personal  reputation 
with  my  users  when  my  department  is  doing 
a  poor  job  delivering?  Very  simply:  Don’t 
try.  Most  users  can  distinguish  be¬ 
tween  poor  collective  performance 
and  poor  individual  performance.  Just 
as  most  Americans  love  their  own  con¬ 
gressional  representatives  yet  despise 
the  collective  U.S.  House  of  Represen¬ 
tatives,  your  users  can  love  you  and 
hate  your  department. 

In  fact,  the  harder  you  try  to  sepa¬ 
rate  yourself  from  your  delivery  peo¬ 
ple,  the  more  shrill  and  mercenary  you 
will  look.  The  more  you  call  attention 
to  yourself,  the  more  you  demonstrate 
to  your  users  that  you  are  more  wor¬ 
ried  about  yourself  and  your  image 
than  you  are  about  their  problems. 

Just  be  consistently  professional, 
acknowledge  service  problems,  apolo¬ 
gize  appropriately,  and  work  to  correct 
them.  You’ll  be  fine.  ©  56051 


with  the  press, /;;Nv  • 

In  the  case "listed,  it.30iiridad.like 

ti  is 

riizationai  publicity  nt'lmr  than  qn  .  v 
being  an  effecayeTopmsoift'ative.  of  v 
the  tecfwicafgiwtp.  ■  ■  ,  ~ 

,  /  -mUMM 

:C.  V 


READERS  TALK  BACK 


Rock-star-itis 

HI  think  your  answer  would 
apply  as  written  to  smaller 
shops,  but  in  larger  orga¬ 
nizations,  it  might  be  a  little  bit  over¬ 
simplified  and  thus  misread  and 
misleading. 

In  large  organizations,  it  could  be 
argued  that  “providing  external  rep¬ 
resentations”  should  be  the  primary 
focus  of  the  CIO.  Certainly  the  other 
of  the  four  key  responsibilities  are 
in  play,  but  typically  they  are  rou¬ 
tinely  focused  at,  on  and  through 
■■TWfflTS  second-andthird- 
Kh  1 1 1 1 U  4  tier  managers. 

The  CIO,  mean¬ 
while,  might  have  his 
hands  pretty  full  rep¬ 
resenting  the  IT  divi¬ 
sion  and  IT  staff  to  the 

<T 

external  world  of  the  organization  - 
even  to  the  industry.  This  does  not 
mean  that  he  focuses  on  becoming  a 
“rock  star”  for  purposes  of  ego  grat¬ 
ification.  There’s  plenty  of  legitimate 
need  for  the  external  focus  of  a  CIO 
that  has  nothing  to  do  with  ego  - 
e.g.,  budget  or  planning  sessions  or 
making  sure  the  IT  staff  gets  the 
recognition  it  deserves  for  corporate 
accomplishments. 

It’s  possible  the  writer’s  CIO  was, 
in  fact,  overdoing  the  ego  trip.  How¬ 
ever,  your  answer  dealt  more  gener¬ 
ally  with  what  a  CIO  should  be  doing 
in  balancing  the  four  accountabilities. 

I  do  not  agree  that  the  emphasis 
on  each  accountability  is  in  complete 
balance  at  each  level,  which  the  an¬ 
swer  implies. 

-  PAUL  WILLIAMS,  SACRAMENTO 

- - - — <•  ifey'rfjhfcaaa 


38  COMPUTERW0RLD  August  22, 2005 


No  matter  how 
good  the  outcome,  if 
customers  expected 
something  different, 
the  project  is  a  failure. 
By  Alan  S.  Horowitz 

The  it  project  was  a  success.  It  was 
on  time  and  on  budget,  and  it  did 
what  it  was  supposed  to.  The  only 
problem:  The  customer  wasn’t  happy. 

The  project  manager  had  provided 
written  weekly  status  reports,  just  as 
the  customer  had  requested,  but  he  had  missed  the 
crucial  second  step:  asking  for  feedback.  The  project 
manager  learned  too  late  that  you  can  never  assume 
you  know  what  a  customer  is  thinking  —  you  have  to 
ask.  Because  he  failed  to  do  that,  the  customer  was 
resentful,  says  Naomi  Karten,  a  principal  at  Ran¬ 
dolph,  Mass.-based  training  and  consulting  firm 
Karten  Associates.  “The  information  [the  customer] 
was  given  didn’t  mesh  with  what  he  was  looking  for, 
[but]  he  didn’t  take  any  steps  to  ask  for  what  he  really 
wanted,”  she  observes. 

Welcome  to  a  world  where  even  successful  IT 
projects  can  be  deemed  failures  if  the  customer  ex¬ 
pected  something  other  than  what  IT  delivered.  To 
survive  and  prosper,  you  have  to  learn  how  to  man¬ 
age  what  customers  expect. 

First,  it’s  important  to  understand  how  skewed  ex¬ 
pectations  arise.  “Unreasonable  expectations  almost 
always  come  from  a  misunderstanding,”  says  Dan 
Bent,  director  of  claims  technology  at  The  Nyhart 
Co.,  a  financial  services  firm  in  Indianapolis. 

The  sources  of  these  misunderstandings  are  varied. 
Some  are  based  on  incorrect  assumptions.  “The  ex¬ 
pectation  is  that  IT  is  like  the  power  company,”  says 
Garrett  Granger,  CIO  of  office  supply  manufacturer 
Dixon  Ticonderoga  Co.  in  Heathrow,  Fla.  “[Users]  ex¬ 
pect  the  lights  to  go  on,”  he  says,  “and  the  only  time 
you  hear  from  them  is  when  the  lights  don’t  go  on.” 

History  often  raises  false  expectations,  says  Rick 
Giese,  e-commerce  development  manager  at  Great 
Lakes  Educational  Loan  Services  Inc.  in  Madison, 


Wis.  If  a  previous  project  didn’t  go  well,  the  cus¬ 
tomer’s  expectations  may  be  negative,  he  says,  and 
no  matter  how  well  IT  performs,  it  may  not  be  able 
to  overcome  them. 

A  directive  from  the  top  can  create  expectations  that 
IT  will  have  trouble  meeting,  says  Nate  Root,  an  analyst 
at  Forrester  Research  Inc.  Consider  the  sales  execu¬ 
tive  who  decrees  that  his  department  needs  a  new 
system  to  track  customers.  Because  the  executive 
thinks  he  knows  what’s  needed,  he  does  no  research, 
nor  does  he  want  IT  to  spend  the  time  and  money  to 
develop  good  user  requirements.  IT  is  left  having  to 
fulfill  expectations  that  have  never  really  been  vetted. 

Sometimes  customers  aren’t  sure  what  they  ex¬ 
pect.  Especially  with  a  large  project  that  takes  time 
to  complete,  expectations  may  evolve.  “The  technol¬ 
ogy  doesn’t  change  as  quickly  as  people’s  minds 
change,”  says  Karten. 

Unattainable  expectations  may  arise  from  outside 
the  company,  says  Anita  Leto,  director  of  IT  transfor¬ 
mation  at  consulting  firm  Ouellette  &  Associates  Inc. 
in  Bedford,  N.H.  The  news  media  publish  articles, 
vendors  place  ads,  and  trade  shows  provide  rosy  pic- 


Don’t 

Overdeliver 

Developers  like  to  add  features  to  what  they’re  de¬ 
veloping.  “Gold  plating”  is  what  Rick  Giese  calls  it. 
Beware  of  this,  warns  the  e-commerce  development 
manager  at  Great  Lakes  Educational  Loan  Services. 

For  one  thing,  customers  don’t  like  surprises, 
even  so-called  good  ones.  And  while  you  might 
assume  that  what  you  are  giving  the  customer  is 
desirable,  it  may  actually  be  a  turn-off. 

Moreover,  exceeding  expectations  can  have  a 
snowball  effect,  according  to  Naomi  Karten,  prin¬ 
cipal  at  consulting  firm  Karten  Associates.  You  run 
the  risk  of  creating  unreasonable  expectations 
over  the  long  term. 

“Customers  expect  what  they  are  now  receiving, 
and  in  a  sense,  they  keep  upping  the  ante,”  she 
says.  “Your  good  intentions  can  become  a  poten¬ 
tial  pitfall.” 

-  Alan  S.  Horowitz 


tures,  all  of  which  can  foster  unrealistic  expectations. 
Customers  expect  plug  and  play.  “That’s  what  the 
vendors  at  the  conferences  promise  them,”  she  says. 

Finally,  IT’s  own  expectations  may  be  as  off-target 
as  those  of  users.  The  IT  group  may  think  that  if  it 
tells  customers  about  a  new  application,  they’ll  be 
eager  to  use  it.  But  unless  it  obviously  makes  their 
jobs  easier,  customers  may  ignore  it.  “The  average  IT 
end  user  and  the  average  IT  producer  have  different 
expectations,”  Root  says. 

But  you  can  manage  expectations.  Here’s  how: 

Communicate  carefully.  Karten  notes  that  it’s  often  not 
the  work  that  IT  does  that  riles  customers;  it’s  the  cus¬ 
tomers’  interaction  with  IT.  So  use  unambiguous  lan¬ 
guage.  If  the  help  desk  commits  to  “respond”  to  a  cus¬ 
tomer  communication  within  four  hours,  the  customer 
may  think  this  means  IT  will  solve  the  problem  within 
four  hours.  But  IT  may  think  this  means  it  will  ac¬ 
knowledge  a  problem  within  four  hours.  “Both  parties 
need  the  same  understanding  of  what  ‘respond’ 
means,”  Karten  says. 

Take  the  time  to  do  it  right.  “The  customer  needs  to  be 
assisted  in  finding  a  reasonable  set  of  expectations,” 
says  Douglas  C.  Gilbert,  director  of  Verizon  Commu¬ 
nications  Inc.’s  operations  for  the  U.S.  Department  of 
Energy.  If  IT  doesn’t  take  the  time  early  on  to  help 
the  customer  understand  what’s  reasonable  and  un¬ 
reasonable,  he  says,  don’t  be  surprised  when  expec¬ 
tations  turn  out  to  be  beyond  IT’s  capabilities. 

Don’t  be  a  patsy.  Push  back  against  unrealistic  direc¬ 
tives  from  on  high,  says  Root.  Don’t  start  the  project 
until  you  know  exactly  what  users  really  need. 

If  you’re  fighting  negative  expectations,  try  to  build  trust, 
says  Virginia  Robbins,  managing  director  of  IT  and 
operations  at  Chela  Education  Financing  in  San  Fran¬ 
cisco  and  a  Computer-world  columnist.  That’s  done 
through  working  closely  with  business  customers  to 
set  priorities,  requirements  and  scope. 

Keep  expectations  in  sync  by  holding  regular  meet¬ 
ings  in  which  senior  IT  and  business  executives  hear 
project  status  reports  from  workers.  “These  appear 
to  be  time-consuming,”  says  Ellen  Gottesdiener,  prin¬ 
cipal  consultant  at  EBG  Consulting  in  Carmel,  Ind., 
“but  they  save  time  by  dealing  with  things  upfront.” 

Stay  current,  warns  Giese.  Hold  meetings  at  least 
weekly,  if  not  more  frequently.  “If  you’re  a  week  off 
in  expectations,  it’s  easier  to  get  things  righted  than 
if  you’re  two  months  off  and  the  client  says,  ‘This 
isn’t  at  all  what  I  thought  it  would  be,’  ”  he  says. 

Use  pilot  programs  as  a  reality  check,  Gilbert  says.  “The 
pilot  is  set  up  as  a  joint  program  between  business  and 
IT,”  he  explains.  A  joint  management  committee  sets 
scope,  goals  and  metrics  for  the  pilot,  monitors  it  and 
verifies  the  results.  “We  use  the  pilot  to  collect  data 
on  which  we  can  base  realistic  expectations,”  he  says. 

Don’t  sugarcoat  it.  “One  area  where  IT  doesn’t  do  as 
good  a  job  as  it  could  is  in  communicating  how  long  a 
project  will  take,”  says  Giese.  If  the  job  can’t  be  done 
within  the  time  the  customer  wants,  say  so  upfront. 

If  customers’  expectations  aren’t  realistic,  commu¬ 
nicate  that  to  them,  says  Ann  Smith,  vice  president  of 
federal  sales  at  Tumbleweed  Communications  Corp. 
in  Redwood  City,  Calif.  “It  won’t  get  better,”  she  says, 
“so  deal  with  it  as  soon  as  possible.”  056059 


Horowitz  is  a  freelance  business  and  technology  writer 
in  Salt  Lake  City.  Contact  him  at  alan@ahorowitz.com. 


DB2  WONT  ABANDON  YOU. 

Perhaps  you’ve  heard:  Oracle  desupported  Oracle 
Database  8i  last  year.  Meaning  potential  headaches, 
higher  cost  or  a  complete  migration  to  current  versions 
of  Oracle.  Fortunately,  IBM  offers  ongoing,  around-the- 
clock  service  and  support  for  DB2. 

But  that’s  not  all.  A  Solitaire  study  has  found  that,  on 
average,  Oracle  Database  requires  25%  more  time  to 
manage  than  DB2.1  That’s  big. 

And  an  ITG  study  showed  overall  costs  for  Oracle  Database 
up  to  four  times  higher  than  DB2.2  The  Transaction  Process¬ 
ing  Performance  Council  results  show  that  DB2  and 
eServer'"  p5-595  are  more  than  twice  as  scalable  as  Oracle 
Real  Application  Clusters,  making  them  the  overwhelming 
performance  and  scalability  leader  forTPC-C.3  That’s  big,  too. 


No  wonder  DB2  is  regarded  as  the  leading  database  built 
on  and  optimized  for  Linux”  UNIX’  and  Windows?  Like 
other  IBM  database  engine  products  such  as  Informix® 
and  Cloudscape’, “  DB2  is  part  of  an  innovative  family  of 
information  management  middleware  that  integrates,  and 
can  actually  add  insight  to  your  data. 

It’s  also  built  to  take  full  advantage  of  your  existing 
heterogeneous  and  open  environments,  and  is  built  to 
enable  true  grid  computing. 

Why  not  move  up  to  middleware  that  makes  sense?  Now 
you  can  get  IBM  DB2  Universal  Database  or  Informix 
by  taking  advantage  of  our  extremely  compelling  trade- 
up  program.  Visit  ibm.com/db2/swap  today  to  find  out  if 
you  qualify. 


0J|  DEMAND  BUSINESS 


IBM.  the  IBM  logo,  DB2,  eServer,  Informix,  Cloudscape  and  the  On  Demand  logo  are  trademarks  or  registered  trademarks  of  International  Business  Machines  Corporation  in  the  United 
States  and  other  countries.  Linux  is  a  registered  trademark  of  Linus  Torvalds.  Microsott  and  Windows  are  registered  trademarks  of  Microsoft  Corporation  in  the  United  States  and/or  other 
countries.  UNIX  is  a  registered  trademark  of  The  Open  Group  in  the  United  States  and/or  other  countries.  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks 
of  others.  ©2005  IBM  Corporation.  All  rights  reserved.  '“DB2  Performance  on  IBM  Server'  pSeries  and  xSeries,"  Solitaire  Interglobal  Ltd.,  2003.  based  on  Oracle  Database  9i.  -"'IBM 
Solutions  for  PeopleSoft  Deployment  in  Mid-sized  Businesses  Quantifying  the  New  Cost/Benefit  Equation,”  July  2003,  International  Technology  Group,  Los  Altos,  California.  All  referenced 
results  are  current  as  of  12/14/04.  DB2  UDB  v8.2  on  IBM  eServer  p5  595  (64-way  POWER5  1.9  GHz)  and  AIX  5.3L:  3,210,540  tpmC  @  $5.19/tpmC  available:  May  15,  2005,  vs.  Oracle 
RAC  lOg  on  HP  Integrity  rx5670  Cluster  64P  (16  x  4-way  Intel  Itanium2  6M  1.5GHz):  1,184,893  tpmC  @  $5.52/tpmC  available:  April  30,  2004;  TPC  Benchmark,  TPC-C.  tpmC  are 
trademarks  of  the  Transaction  Processing  Performance  Council.  For  further  TPC-related  information,  please  see  http://www.tpc.org/ 


ms 


40 


C0MPUTERW0RID  August  22, 2005 


MANAGEMENT 


www.computerworid.com 


Gauging  IT  Workers’  Confidence 


IT  workers  are  a  bit  less  confident  than  U.S.  workers  overall  that  they  will  hold 
on  to  their  jobs  throughout  the  next  12  months.  (Seventy-seven  percent  of  workers 
overall  said  it  is  unlikely  that  they  will  lose  their  job  or  see  it  eliminated.) 

But  IT  workers  are  more  likely  to  look  for  a  new  job  in  the  next  12  months. 

(For  U.S.  workers  overall,  39%  were  likely  to  be  looking  and  50%  were  unlikely.) 

Likelihood  of  losing  job  or  job  Likelihood  of  looking  for 
elimination  in  next  12  months  new  job  in  next  12  months 


BASE:  A  U,S.  SAMPLE  OF  2.789  EMPLOYED  ADULTS.  AGED  18  YEARS  AND  OLDER.  OF  WHOM  151  ARE  EMPLOYED  IN 
IT  POSITIONS:  THEY  WERE  INTERVIEWED  IN  A  SERIES  OF  TWO  POLLS  CONDUCTED  IN  MAY  2005. 

SOURCE:  SPHERION  IT  EMPLOYMENT  REPORT,  BASED  ON  DATA  FROM  AN  ONLINE  SURVEY  CONDUCTED  BY  HARRIS 
INTERACTIVE  ON  BEHALF  OF  SPHERION  CORP. 


INTEREST  IN 
CS WANES 

■  Analyzing  survey  results  from  the  Higher  Edu¬ 
cation  Research  Institute  at  the  University  of  Cali¬ 
fornia,  Los  Angeles,  Jay  Vegso  wrote  in  the  May 
issue  of  Computing  Research  Ne ws  that  the  pop¬ 
ularity  of  computer  science  as  a  major  among 
incoming  freshmen  at  all  undergraduate  institu¬ 
tions  has  dropped  significantly  in  the  past  four 
years  and  that  the  proportion  of  women  who  re¬ 
ported  that  they  might  major  in  computer  science 
fell  to  levels  unseen  since  the  early  1970s.  The 
percentage  of  incoming  undergraduates  indicat¬ 
ing  that  they  would  major  in  computer  science 
declined  by  more  than  60%  between  2000  and 
2004  and  is  now  70%  lower  than  at  its  peak  in 
the  early  1980s. 


ASK  A  PREMIER  100  IT  LEADER 

Andrew  C. 
Armishaw 

TITLE:  Group 
executive,  CIO 


COMPANY: 

HSBC  Technology 
&  Services,  Pros¬ 
pect  Heights,  III, 


Armishaw  is 
this  month’s  guest  Premier  100 
IT  Leader,  answering  readers’ 
questions  about  landing  a  job  in 
the  network  security  field  and 
combining  business  and  IT  skills. 

If  you  have  a  question  you’d  like 
to  ask  one  of  our  Premier  100  IT 
Leaders,  send  it  to  askaleader® 
computerworld.com  and  watch  for 
this  column  each  month. 


I  financed  my  own  CISSP  certificate 
for  career  advancement  during  a  lay¬ 
off  period,  but  I  don’t  have  much  pure 
security  management  experience, 


and  my  current  career  is  wasting 
away  my  other  network  skills.  How  do 
I  find  a  job  in  network  security  while 
working  full  time  and  without  having 
10-plus  years  of  experience?  Some¬ 
times  the  best  place  to  look  is  within  your 
current  company.  An  employee  who  is  will¬ 
ing  to  learn  new  skills  to  improve  himself 
and  his  organization  is  invaluable. 

Arrange  an  informational  interview  with 
key  managers  in  the  network  security  de¬ 
partment  of  your  company.  Discuss  the  op¬ 
portunities  they  have,  and  market  the  skills 
you  can  bring  to  the  group.  Remember, 
your  knowledge  of  the  organization,  culture 
and  people  is  an  advantage  you  have  over 
an  external  candidate. 

I’m  pursuing  a  degree  course  in  busi¬ 
ness  IT.  The  course  encompasses 
both  business  units  and  IT  units. 
Which  are  the  most  viable  career  lines 

to  opt  for?  Both  business  and  IT  career 
paths  are  viable.  The  business  must  under¬ 
stand  how  technology  can  provide  busi¬ 
ness  solutions,  and  technology  must  under¬ 
stand  the  business  to  provide  those  solu¬ 
tions.  The  employee  who  incorporates  both 
disciplines  is  an  asset  to  the  company. 

Page  compiled  by  Jamie  Eckle. 


r 

OUTSOURCING:  THE  OTHER  INDIANS 

The  Associated  Press  reported  that 

i  cy  of  electronic  documents  that  are  t 

ran- 

outsourcing  has  come  1 

:o  American 

i  scribed  in  China  by  workers  who,  altl 

nough 

i 

Indian  reservations.  According  to  a 

!  they  understand  English,  often  have 

diffi- 

recent  AP  story,  an  Indian-o 

wned  market- 

1  culty  deciphering  Americans’  handw 

riting. 

ing  and  Web  design  start-up 

i  on  the  Pine 

!  The  work  amounts  to  reverse  outsourcing 

Ridge  Reservation  in  South 

Dakota  called 

j  (work  performed  for  a  foreign  compe 

iny 

Lakota  Express  can  thank  si 

oppy  hand- 

|  that  is  itself  in  the  employ  of  a  U.S.  b 

usi- 

writing  for  its  outsourcing  fo 

rtunes.  Eight 

i  ness).  And  experts  expect  plenty  more  of 

Lakota  Express  employees  v 

et  the  accura- 

i  such  work  to  become  available. 

L 

J 

■  Even  as  the  number  of  women  in  IT  is 
declining  in  the  U.S.,  it’s  on  the  rise  in 
India,  according  to  Rediff.com,  an  Indi¬ 
an  Web  portal.  The  Infor¬ 
mation  Technology  Asso¬ 
ciation  of  America  has 
found  the  number  of 
women  in  IT  to  be  on  the 
decline  in  the  U.S.,  falling 
18.5%  since  1996.  Today,  32.4% 
of  U.S.  IT  workers  are  women, 
the  ITAA  says.  India  can’t  match  that, 
since  only  24%  of  its  IT  workers  are 


WHERE 

WOMEN  ARE 

GAINING 


women,  says  India’s  National  Associa¬ 
tion  of  Software  and  Services  Compa¬ 
nies.  But  the  proportion  of  women  in 
IT  is  growing  in  India,  even 
as  it’s  shrinking  in  the 
U.S.  Nasscom  says  that 
women  will  account 
for  35%  of  Indian  IT 
workers  by  2007.  And 
Madhumita  Raghavan,  an  IT  consultant 
in  Bangalore,  won't  rule  out  the  possi¬ 
bility  of  a  50-50  male-female  ra¬ 
tio  within  a  few  years.  O  55988 


www.computerworld.com 


MANAGEMENT 


COMPUTERWORLD  August  22, 2005 


41 


EXEC  TRACK 


Dell  Taps  12-Year 
IT  Veteran  as  CIO 

SUSAN  SHESKEY  has  been 
named  CIO  at  Dell  Inc.  A  vice 
president  and  12-year  veteran  of 
the  company’s  IT  operation,  she 
had  been  serving  as  interim  CIO. 
Sheskey’s  management  experi¬ 
ence  at  Dell  includes  service  as 
vice  president  for  global  sales, 
services,  manufacturing  and 
fulfillment  IT. 


Benzaken  Gets  Nod 
As  TheLadders  VP 

TheLadders.com  Inc.,  a  job  Web 
site  in  New  York,  announced 
that  ALAIN  BENZAKEN  has  joined 
the  company  as  vice  president 
of  technology.  Benzaken  will 
oversee  all  Web  site  operations 
and  spearhead  technology  devel¬ 
opment.  He  previously  was  an 
executive  at  Priceline.com  Inc., 
serving  most  recently  as  vice 
president  of  development  for  in¬ 
ternational  systems.  Benzaken 
also  spent  11  years  at  Prodigy 
Services  Corp. 


Farmer  Is  Interim 
CIO  at  the  FDA 

The  U.S.  Food  and  Drug  Adminis¬ 
tration  announced  the  appoint¬ 
ment  of  FRED  FARMER  as  acting 
CIO  following  the  departure  of 
Jim  Rinaldi,  who  will  serve  as  CIO 
at  the  Jet  Propulsion  Laboratory. 
Farmer  had  been  IT  program 
director  for  the  CIO’s  office. 


Lemke  to  Lead 
IT  at  Schneider 

JUDITH  A.  LEMKE  has  been 
named  executive  vice  president 
and  CIO  at  Schneider  National 
Inc.,  a  provider  of  transportation, 
logistics  and  related  services  in 
Green  Bay,  Wis.  Lemke  joins 
Schneider  National  from  Capella 
University  in  Minneapolis,  where 
she  served  as  CIO.  Prior  to  that, 
she  was  vice  president  of  the 
Midwest  region  at  Born  Informa¬ 
tion  Services  Inc.,  an  IT  consult¬ 
ing  firm  in  Minnetonka,  Minn. 


PAUL  INGEVALDSON 


CEOs:  Think  Through 
Your  CIO  Choice 


push  the  IT  agenda  and 
take  responsibility  for 
its  deployment. 

The  activist  CIO  is 
prevalent  in  IT  turn¬ 
arounds  or  when  manage¬ 
ment  isn’t  involved  with 
the  IT  department’s  proc¬ 
esses.  Often,  the  marching 
orders  for  this  type  of  CIO 
can  be  summarized  by  the 
dictum,  “I  want  you  to  get 
in  there  and  develop  the 
systems  you  think  we  need 
to  get  this  company  run¬ 
ning  smoothly.” 

This  type  of  CIO  thrives  in  compa¬ 
nies  that  are  looking  for  operational 
systems  necessary  to  replace  costly 
and  inefficient  manual  procedures. 
Managers  within  these  companies  are 
usually  uninvolved  in  the  IT  process, 
and  their  expectations  of  the  CIO  are 
similar  to  their  expectations  of  other 
department  heads:  Get  the  job  done. 

In  this  type  of  environment,  systems 
get  developed  more  quickly  because 
there  is  one  decision-maker.  The  com¬ 
pany  has  passed  its  prerogative  to  IT  to 
develop  what  is  necessary.  The  down¬ 
side  is  that  the  CIO’s  vision  may  not  fit 
the  strategic  needs  of  the  corporation. 
If  that  happens,  the  IT  systems  in  the 
company  will  not  be  aligned  to  the 


company  needs. 

The  collaborative  CIO, 
on  the  other  hand,  is 
the  type  of  person  who 
understands  that  although 
systems  are  developed 
by  IT,  they  are  used  by  oth¬ 
er  departments.  The  col¬ 
laborative  CIO  is  usually 
found  in  a  company  where 
management  understands 
that  IT  systems  are  very 
strategic  and  that  IT 
resources  are  limited. 

In  this  environment,  the 
CIO  is  a  member  of  the  corporate 
strategic  planning  team  that  deter¬ 
mines  IT  needs  based  on  the  company 
strategy.  The  CIO  functions  as  a  tech¬ 
nology  advocate,  theorist  and  critic  in 
order  to  assure  that  IT  systems  always 
support  the  corporate  strategy  as  a 
point  of  reference.  In  most  cases,  the 
CIO  reports  directly  to  the  CEO  and 
sits  “at  the  table.” 

Under  this  approach,  systems  pro¬ 
posals  are  presented  to  a  committee 
representing  all  departments  in  order 
to  assure  that  the  right  systems  are 
developed.  As  a  result,  some  systems 
may  never  be  developed,  but  those 
that  are  should  be  the  ones  most  need¬ 
ed  by  the  corporation. 

If  an  activist  CIO  attempts  to  oper¬ 


ate  in  a  collaborative  IT  environment, 
there  will  be  significant  problems  — 
and  they’ll  usually  lead  to  a  short 
career.  Since  the  activist’s  approach  is 
decidedly  all  about  IT’s  vision,  the  de¬ 
ployment  of  systems  will  ultimately 
lead  to  resentment,  lack  of  support 
and  political  turf  battles  —  especially 
from  those  departments  not  included 
in  the  CIO’s  plan. 

A  collaborative  CIO  in  an  activist 
environment  will  also  have  a  short  ca¬ 
reer.  In  this  case,  a  lack  of  interest  and 
support  will  probably  drive  the  collab¬ 
orative  CIO  from  the  company.  This 
company  will  want  the  CIO  to  make 
all  the  calls,  yet  the  CIO  will  attempt 
to  achieve  some  form  of  consensus. 
Ultimately,  the  CEO  will  become  frus¬ 
trated  with  this  approach  and  see  the 
CIO  as  weak  and  indecisive. 

In  selecting  the  appropriate  CIO  for 
your  company,  it’s  essential  that  you 
determine  the  needs  of  your  company 
and  pick  the  proper  type  of  CIO  to 
fulfill  those  needs. 

Do  you  feel  that  IT  is  an  operational 
activity  that  should  be  managed  by  the 
IT  department?  If  so,  hire  an  activist 
CIO.  Get  a  Top  Gun  type  who  feels 
“it’s  my  way  or  else.” 

If,  on  the  other  hand,  you  feel  that 
IT  is  one  of  the  most  strategic 
weapons  in  your  arsenal  and  you  want 
your  entire  team  to  guide  its  use,  hire 
a  collaborative  CIO.  Get  a  business 
type  who  understands  the  business 
and  knows  how  to  build  consensus 
around  the  IT  agenda. 

If  you  choose  correctly,  systems  will 
be  created  to  fit  the  style  of  your  com¬ 
pany.  Choose  wrong,  and  the  CIO  po¬ 
sition  will  continue  to  be  a  revolving 
door  and  systems  development  will 
continue  to  suffer.  O  55998 

WANT  OUR  OPINION? 

OFor  more  columns  and  links  to  our  archives,  go  to 

www.computerworld.com/opinions 


DEAR  CEO:  During  my  40-year  career  in 
the  IT  business,  I  met  a  lot  of  CIOs,  and 
I  became  one  myself.  I  observed  two 
distinctly  different  types  that  I’ll  call  the 
activist  CIO  and  the  collaborative  CIO. 
Although  I  think  most  CIOs  use  each  approach  at  some 
time  in  their  careers,  each  has  a  dominant  type  that 
determines  how  they  generally  approach  their  job. 

The  activist  is  the  CIO  who  has  very  strong  opinions 
about  the  IT  needs  of  the  company  and  is  willing  to 


PAUL  M.  INGEVALDSON 

retired  as  CIO  at  Ace 
Hardware  Corp.  in  2004 
after  40  years  in  the  IT 
business.  Contact  him 

at  ingepi@aol.com. 


IT  consulting  firm  with  HQ  in 
Atlanta,  GA  has  multiple  open¬ 
ings  for  IT  professionals  to  serve 
multiple  clients  throughout  the 
U.S.  Job  duties  include:  Analy¬ 
sis,  design,  development  and 
testing  of  computer  applications. 
Specific  skill  sets  needed  in¬ 
clude: 

•  Net  developers  JO-OIO 

•  J2EE  developers  JO-020 

•  Data  warehousing  developers 
(Cognos/lnformatica,  Ablnitio/ 
Business  Objects)  JO-030 

•  Oracle  Developers/DBA 
JO-040 

•  Siebel  Developers  JO-050 

•  ATG  Developers  JO-060 

•  Systems  Administrators 
JO-070 

•  ERP  Consultants  -  Oracle/ 
Peoplesoft/SAP  JO-080 

Positions  require  either  a  B.S. 
degree  in  a  related  field  and  1-2 
yrs.  of  exp.  w/specific  skill  sets. 
Some  entry  level  positions  are 
available  &  require  a  M.S.  deg¬ 
ree  &  related  coursework  or  exp. 
Some  senior  level  positions  are 
also  available  &  require  5  yrs.  of 
progressive  exp.  Competitive 
salaries.  Must  be  willing  to  travel 
/relocate.  Send  resume  to: 
bwinter@mdicareers.com.  Refer 
to  specific  JO#  for  considera¬ 
tion.  Applicants  must  have 
authority  to  work  permanently  in 
the  U.S. 


Senior  Developer,  Applications. 
Chicago,  IL.  Citadel  Investment 
Group  is  currently  seeking  a 
qualified  candidate  to  be  re¬ 
sponsible  for  developing  event- 
driven  C++  UNIX  server  applica¬ 
tions  receiving  high-volume  data 
flow  for  equity  trading.  Will  work 
on  AUTEX,  quoting  engines, 
electronic  eyes,  cancellation  en¬ 
gines  and  high-speed  exchange 
connectivity. 

Qualifications  include  a  mini¬ 
mum  of  a  Bachelor's  degree  in 
Computer  Science  or  related 
field,  or  the  foreign  equivalent, 
and  at  least  three  years  of  C++ 
UNIX  development  experience. 
Must  also  have  experience  with 
real-time  development,  including 
UNIX  IPC  mechanisms  (sock¬ 
ets,  shared  memory),  UNIX  and/ 
or  POSIX  multithreading  devel¬ 
opment,  and  experience  devel¬ 
oping  event-driven  server  appli¬ 
cations  receiving  high-volume 
data  flow  from  scratch. 

Qualified  candidates  should 
submit  a  cover  letter  and 
resume,  job  reference  R-0022, 
to:  itjobs0022@citadelgroup.com. 
Principals  only  need  apply. 
CITADEL  IS  AN  EQUAL  OP¬ 
PORTUNITY  EMPLOYER. 


Software  Engineers  for  El 
Segundo,  CA  Design  &  test 
software  using  Java,  C, 
C++,  VB,  Winrunner,  Tux¬ 
edo,  Eclipse,  Corba,  RMI, 
RUP.  Masters  or  Equiva¬ 
lent**  required  in  Math,  Eng., 
Info  Systems  or  other  relat¬ 
ed  field  of  study  +  1  yr  of 
related  exper.  (**Equivalent: 
Bachelors  or  Equivalent  +  5 
yrs  of  progressive  related 
work  exper).  Contact  HR 
Manager  HAI  Associates, 
Inc.  880  Apollo  Street  Suite 
357  El  Segundo,  CA  90245. 


ObjectWin  seeks  System  Ana¬ 
lyst,  DBA  or  other  IT  profession¬ 
als.  Applicants  must  have  MS/ 
BS  or  equivalent.  Skills  in 
ASP. Net,  B2B,  VB,  Java,  HTML, 
VB.Net,  XSL,  CSS,  MS  CMS, 
SSL  &  MS  preferred.  Good 
wage.  Travel  required  for  some 
jobs.  Apply  at  skarande@ 
objectwin. com.  EOE.  No  calls. 

Corpus,  Inc  (Dallas,  TX)  has 
multiple  openings  for  IT  profes¬ 
sionals  (System  Analyst,  Soft¬ 
ware  engineers,  DBA,  etc)  to 
design  applications  using  Orac¬ 
le.  SAP,  SQL,  PL/SQL,  COBOL, 
etc.  Min  MS/BS  with  exp.  Travel 
maybe  required.  Please  send 
resumes  to  resumes@corpuslnc 
com.  EOE.  No  calls. 


Will  manage  existing  computer 
network,  design  &  expansion  of 
wired  and  wireless  broadband 
communication  network,  super¬ 
vision  of  network  staff,  provide 
guidance  to  the  field  personnel 
in  using  communication  test 
equipment  such  as  spectrum 
analyzers,  network  analyzers 
and  wireless  sniffers;  bench¬ 
mark  and  improve  existing  net¬ 
work,  maintain  specifications 
update  documentation  on  as 
needed  basis,  conduct  inter¬ 
views  and  contact  cooperative 
customers  for  the  purpose  of 
communicating  services  and 
distribute  policy.  Masters 
Degree  in  Telecommunications 
or  Computer  Engineering,  9 
months  experience  required  with 
at  least  6  months  in  advanced 
wireless  phased  array  antenna 
technology.  Competitive  wages, 
40  hrs  a  week,  Please  send 
resume  to:  HR,  ColumbiaREA, 
1 1 5  E.  Rees  Avenu,  Walla  Walla, 
WA  99362. 


Immediate  opening  for 
SOFTWARE  ENGI¬ 
NEER:  Software  de¬ 
velopment  company  in 
Trabuco  Canyon,  CA. 
Fax  resume  to  A1 
Alpha  Space,  Inc.  at 
(949)  713-4671. 


Software  Engineer:  McData 
seeks  applicants  for  the  position 
of  Software  Engineer  in  Broom¬ 
field,  CO.  Engage  in  analysis, 
design,  programming,  debug¬ 
ging  and  maintaining  enterprise 
application  software.  Require¬ 
ments  include  a  master’s  de¬ 
gree  in  computer  science,  work¬ 
ing  knowledge  of  Java  design  at 
a  production  level,  object-ori¬ 
ented  programming  and  design, 
J-Builder,  UML,  XML  and 
Eclipse.  Respond  by  resume  to 
Cherie  Henket,  McData,  4555 
Great  American  Parkway,  Santa 
Clara,  CA  95054. 


Systems  Analyst  III 

Provide  support  for  Oracle/ 
UNIX-based  applications  in 
Solaris.  Administrate  oracle 
database  including  OEM, 
RMAN,  OAS.  Code,  test  ap¬ 
plications  using  Perl,  C,  XML, 
Unix  scripts.  Requires  a  M.S. 
in  C.S.  or  related  field  with  1 
yr  related  exp.  Apply  to: 
Lamar  State  College-Orange, 
410  W.  Front  St.,  Orange,  TX 
77630.  Go  to  www.lsco.edu 
for  detail.  EO/TSUS  institu¬ 
tion. 


Computer  Software  En¬ 
gineer  w/exp.  in  design¬ 
ing/developing  services 
for  large-scale  enter¬ 
prise  application  inte¬ 
gration  to  work  in  New 
Orleans,  LA.  SAIC, 
please  apply  for  the 
position  online  at 
www.saic.com.  Must  ref 
job  code  ARM  123493. 


Software  Project  Manager  need¬ 
ed  w/Masters  in  Engg  or  Comp 
Sci  or  Math  &  lyr  exp  io  plan, 
organize,  direct  &  coord  d/base 
drive  s/ware  applies  dvlpd  using 
Oracle,  JSP,  J2EE  &  OC4J. 
Dsgn,  dvlp  &  create  s/ware  ap- 
plic  in  Java,  PL/SQL,  Servlets, 
EJBs,  Apache,  VB,  FTP  &  SMTP 
accdg  to  industry  standard  tech¬ 
niques,  principles  &  s/ware  dsgn 
patterns.  Gather  systm  reqmts 
from  clients  &  translate  these 
reqmts  to  in-house  dvlpmt  team 
&  assure  speedy  implmtn  & 
problem  resolution.  Dvlp,  main¬ 
tain  &  track  s/ware  enhance¬ 
ment  production  records.  Dvlp 
s/ware  for  recruiting  technolo¬ 
gies.  Provide  network  admin  in 
wireless  (Bluetooth,  mobile) 
technologies  &  network  security. 
Supv  2  Prgmrs.  Mail  resumes  to: 
Algomod  Technologies  Corp. 
116  John  St,  Ste  1406,  NY,  NY 
10038.  Job  Location:  NY,  NY. 


Programmer  Analyst  -  Design, 
develop,  test  wireless  mobile 
handheld-PDA  software  applica¬ 
tions  using  Appforge  MobileVB, 
SQL  Anywhere  Studio,  Manage 
Anywhere  Studio,  Microsoft  Win¬ 
dows  CE;  program  for  synchro¬ 
nization,  staging,  scanning,  im¬ 
aging,  modem,  wireless  &  print¬ 
ing.  Req  Bachelor's  dgr  in  CS  or 
related  with  2  yrs  work  exp. 

Software  Engineer  -  Analyze, 
design,  develop  web  applica¬ 
tions  &  tools  for  Distribution  sys¬ 
tems  using  Websphere,  Velocity, 
Java,  RMI,  Domino,  JavaScript, 
HTML,  DB2,  Sybase,  XML;  inte¬ 
gration  with  DB2  Database  & 
Stored  Procedures  on  AS/400. 
Req  Master's  dgr  in  CS  or  relat¬ 
ed  with  4  yrs  work  exp. 

EOE,  Drug  free,  Smoke  Free. 

Send  resume  to  Anderson  News 
LLC,  Attn  VP  of  IT,  PO  Box 
52570,  Knoxville,  TN  37950- 
2570. 


Seeking  qualified  applicants  for 
the  following  position  in  Prince¬ 
ton,  NJ:  Programmer/Analyst: 
Design,  develop,  configure 
code,  implement,  edit,  and 
maintain  user  application  pro¬ 
grams.  Modify  existing  applica¬ 
tion  and  provide  systems  sup¬ 
port.  Analyze  user's  requirement 
to  enhance  system  perfor¬ 
mance.  Req.  BS  or  equivalent  in 
CS,  CIS,  MIS,  ME,  EE,  CE  or 
related  field  with  5  yr.  exp.  in  job 
offered.  Must  be  proficient  in 
ERP,  SAP  and  PeopleSoft. 
Willing  to  re-locate  in  USA  as 
needed.  Send  resume  to 
kumar@e-zencomn.com. 


Wanted  a  Programmer  Analyst 
for  Asterix  Consulting  Inc,  job 
location  is  Manhattan,  New 
York,  with  a  Masters  in  Com¬ 
puter  Science  or  equivalent  de¬ 
gree  with  four  (4)  years  of  tech¬ 
nical  experience  with  skills  in 
Java,  J2EE,  JSP,  EJB,  Servlets, 
Struts,  XML,  and  SWING;  En¬ 
vironment  UNIX,  Windows;  VB 
6/ASP,  Oracle  9i  and  SAP 
Business  Warehouse.  Salary 
$75,000  per  annum  and  all 
standard  benefits.  Please  apply 
to  info@asterixusa.com  or  mail 
two  copies  to  HR  Manager,  303 
Fifth  Avenue,  Suite  1301,  New 
York,  NY  -  10016. 


Documentum  Developer 
w/exp.  in  software  pro¬ 
gramming  in  a  health¬ 
care  and  energy  envi¬ 
ronment.  Send  resume 
to  Wanda  Collins- 
Raleigh,  SAIC,  11490 
Westheimer  Blvd.,  10th 
FI.,  Houston,  TX  77077. 
Must  ref  job  code 
ARM  109221. 


COMPUTER  -  Software  Art 
Corp.,  a  s/w  consulting  firm, 
seeks  exp.  s/w  professionals  for 
its  clients  nationwide: 

S/W  ENGINEERS: 

--  Qo  programming,  MVC,  XML, 
XSLT,  Weblogic,  PL/SQL,  Orac¬ 
le,  LDAP,  Cryptography,  Win/ 
Unix/Solaris  for  financ'l  &  e-com 
appl.  CICS  Transaction  Gate- 
way  to  integrate  w/mainframe. 

-  Java,  Oracle,  Apache,  Web¬ 
logic,  SQL,  Webservices  for 
Enterprise  level  multiple  finan¬ 
cial  sys  in  investment  mgmt  env¬ 
iron. 

ERP  PROJ.  MANAGERS  - 
TECH: 

--  ERP  impl  in  higher  edu  envi¬ 
ron.  Lead  tech  proj  w/SCT  Ban¬ 
ner  s/w,  integrate  ERP  w/legacy 
using  EAI  technologies. 

Send  resume  to:  HR  Software 
Art  Corp.  3371  Lawrence  Com¬ 
mons,  #117,  Lawrenceville,  NJ 
08648. 


Sr.  Systems  Analyst,  Pension 
Plans,  Greenwich,  CT  (2  posi¬ 
tions):  Coordinate  install  +  tests 
of  computer  op.  system  software 
for  small  software  dvlpmnt  co. 
for  actuaries;  maintain/modify 
benefit  pension  plan  software; 
enter  code;  analyze  perform¬ 
ance  indicators;  review  system 
capabilities/workflow;  perform 
user  training  for  software  prod¬ 
ucts.  May  supervise  IT  staff. 
Skills  used:  ASP,  HTML,  C++, 
MS  Office,  SQL  Server  +  Win¬ 
dows  Server  env.  Must:  MA  (or 
equiv)  in  Comp.  Sc.,  Info  Syst¬ 
ems,  or  Math  plus  2  yrs.  exp, 
which  included  programming  of 
benefit  pension  plans;  will  also 
accept  BA  (or  equiv)  plus  5  yrs. 
exp.  (2  of  which  included  pro¬ 
gramming  of  benefit  pension 
plans).  Fax  Resume  to  B.  Sisko, 
Winklevoss,  203-861-5561. 


Radianz  seeks  Hosting  Adminis¬ 
trator/Application  Engineer  to 
administer  &  manage  Enterprise 
Monitoring  Systems  such  as  HP 
Open  View,  Smarts  Incharge, 
Veritas  Netbackup,  Open  View 
Internet  Services,  Network  Node 
Manager,  &  Content  Verification 
System  in  24x7  operating  env't. 
Bachelor’s  in  Eng  or  CS  &  2 
years  exp  in  network  admin, 
mgmnt  &  config  req'd.  Prior  exp 
must  incl.  admin.  &  maintenance 
of  HP  Open  View  Vantage  Point 
Operation  &  Smarts  Incharge. 
Must  be  avail,  to  wrk  nights, 
weekends  and/or  holidays  as 
req'd.  Nutley,  NJ.  Send  resumes 
to  Radianz,  P.O.  Box  R-4,  71 
Fifth  Avenue,  FI  5,  New  York,  NY 
10003.  Please  ref.  Code 
CW805IK. 


Software  Engineer  needed  w/ 
Bachelors  or  Foreign  Equiv  in 
Engg.  or  Comp.  Scie.  or  Math  & 
2  yrs  exp  to  analyze,  design, 
develop  &  customize  web  based 
applic.  using  C#,  ASP.NET,  ASP, 
VB,  COM,  JavaScript  &  HTML. 
Create  XML  based  web  servic¬ 
es.  Generate  reports  using  Crys¬ 
tal  Reports.  Perform  designing  & 
data  modeling  using  Microsoft 
Visio.  2  yrs  exp  as  a  Program¬ 
mer  Analyst  is  acceptable.  Mail 
Resumes  to:  Open  Systems 
Tech  Inc.,  225  W.  34  St.,  Ste 
#1715,  NY,  NY  10122.  Job  loc: 
NYC  or  in  any  unanticipated 
locations  in  U.S.A. 


Computer:  Software 
Engineer  (Pervasive 
&  SQL  RDBMS).  Mail 
to  William  Stucky  & 
Assoc.,  attn:  HR,  2 
Embarcadero  Ctr, 
#2220,  San  Francis¬ 
co,  CA  94111. 


Ads  Placed 
Weekly 

Didn’t  find 
the  IT 
Career 
Opportunity 
you  were 
looking  for? 


Check  back  weekly 
for  fresh  job  listings 
placed  by  top 
companies 
looking  for  skilled  IT 
professionals  like  you! 


IT 


careers 


800-762-2977 


Computerworld  -  August  22,  2005 


CW082205E/MW/W  1 


www.computerworld.com 


COMPUTERWORLD 

HEADQUARTERS 

One  Speen  Street,  P.O.  Box  9171 
Framingham,  MA  01701-9171 
Phone:  (508)  879-0700 
Fax:  (508)875-4394 


PRESIDENT/PUBLISHER/CEO 

Matthew  J.  Sweeney 
(508)  271-7100 
Fax:  (508)  270-3882 

SALES  BUSINESS  MANAGER 

Laureen  Austermann 
(508)  820-8522 

VICE  PRESIDENT/ 

GENERAL  MANAGER  ONLINE 

Martha  Connors 
(508)  620-7700 

EXECUTIVE  VICE  PRESIDENT/ 
STRATEGIC  PROGRAMS 

Ronald  L.  Milton 
(508)820-8661 

VICE  PRESIDENT/ 

HUMAN  RESOURCES 

Piper  Sheer 
(508)  820-8162 

EXECUTIVE  VICE  PRESIDENT/COO 

Matthew  C.  Smith 
(508)  820-8102 

VICE  PRESIDENT/ 

EDITOR  IN  CHIEF 

Don  Tennant 
(508)620-7714 

VICE  PRESIDENT/CIRCULATION 

Debbie  Winders 
(508)820-8193 

CIRCULATION 

Sr.  Circulation  Specialist/Diana  Turco.  (508)  820-8167 

1  PRODUCTION 

Vice  President  Production/Carolyn  Medeiros:  Production  Manag¬ 
er/Kim  Pennett;  Print  Display  Advertising:  (508)  820-8232, 
Fax:  (508)  879-0446:  DISTRIBUTION:  Director  of  Distribution 
and  Postal  Affairs/Bob  Wescott 

MARKETING 

Vice  President  of  Marketing/Matt  Duffy.  (508)  820-8145 

STRATEGIC  PROGRAMS  AND  EVENTS 

Vice  President  Strategic  Initiatives/Leo  Leger:  Vice  President  Busi¬ 
ness  Development/John  Amato:  Senior  Director,  Event  Sponsorship 
Sales/Ann  Harris:  Vice  President.  Event  Marketing  and  Conference 
Programs/Derek  Hulitzky;  Director,  Event  Management/Michael 
Meleedy:  Program  Director.  Computerworld  Honors  Program/Sandy 
Weill:  Sr.  Marketing  Specialist/Timothy  Johnson:  Sr.  Marketing  Spe¬ 
cialist/Matthew  Wintringham:  Sales  Programs  Specialist/Colin  Long- 
val:  Executive  Programs  Specialist/Deborah  Lee:  Custom  Events 
Specialist/Chris  Leger:  Conference  Manager/Nancy  Felsheim:  Opera¬ 
tions  Specialist/Chris  Johnson:  Customer  Service  Specialist/Mike 
Barbato;  Audience  Development  Coordinator/Shari  Ebb.  One  Speen 

f  Street.  Box  9171,  Framingham,  MA  01701-9171.  (508)  879-0700,  Fax: 
(508)626-8524 

ONLINE  ADVERTISING 

(Vice  President  of  Online  Sales/Gregg  Pinsky.  (508)  271-8013;  Director 
of  Online  Sales/Sean  Weglage,  (415)  978-3314,  Fax;  (415)  543-8010; 
Online  Sales  Manager,  East  Coast/James  Kalbach,  (610)  971-1588;  On¬ 
line  Account  Executive/Thanh  Tu.  (415)  978-3309.  Fax:  (415)  543- 
8010:  Online  Account  Services  Manager/Bill  Rigby,  (508)  820-8111.  Fax: 
(508)  270-3882;  Online  Account  Services  Specialist/Kathryn  Gory!, 
(508)  620-7760,  Fax:  (508)  270-3882,  Online  Sales  Assistant/Kathy 
Snow  (508)  270-7112;  One  Speen  Street.  Box  9171,  Framingham.  MA 
01701-9171,  Fax:  (508)  270-3882 

IT  CAREERS  ADVERTISING  SALES  OFFICE 

Director  of  Sales/Laura  Wilkinson,  (847)  441-8877.  Fax:  (847) 
441-8878;  One  Speen  Street,  Framingham,  MA  01701 

LIST  RENTAL 

POSTAL:  Rich  Green,  (508)  370-0832,  e-mail:  rgreen 
@idg!ist.com.  E-Mail:  Christine  Cahill,  (508)  370-0808, 
e-mail:  ccahill@idglist.com.  MAILING  ADDRESS:  IDG  List 
Services  PO  Box  9151.  Framingham,  MA  01701-9151,  Fax:  (508) 
370-0020 


AD  INDEX 


COMPUTERWORLD  August  22, 2005 


COMPUTERWORLD  SALES  OFFICES 


PRESIDENT/PUBLISHER/CEO 

Matthew  J.  Sweeney 
(508)  271-7100 
Fax:  (508)  270-3882 

SALES  BUSINESS  MANAOER 

Laureen  Austermann 
(508)820-8522 
Fax:  (508)  270-3882 


NORTHWESTERN  STATES  ■  CENTRAL  STATES 


ACCOUNT  DIRECTOR:  Jim  Barrett  (415)  978-3306: 
ACCOUNT  EXECUTIVE:  Coretta  Wright  (415)  978- 
3304, 501  Second  Street.  Suite  114,  San  Francisco.  CA 
94107,  Fax:  (415)  543-8010 


BAY  AREA 


ACCOUNT  DIRECTORS:  Jim  Barrett  (415)  978-3306. 
Sara  Culley  (415)  978-3307:  ACCOUNT  EXECUTIVES: 
Emmie  Hung  (415)  978-3308,  Coretta  Wright  (415)  978- 
3304. 501  Second  Street,  Suite  114,  San  Francisco,  CA 
94107.  Fax:  (415)  543-8010 


SOUTHWESTERN  STATES 


ACCOUNT  DIRECTOR:  Bill  Hanck  (949)  442-4006: 
ACCOUNT  EXECUTIVE:  Jean  Dellarobba  (949)  442- 
4053. 19200  Von  Karman  Avenue.  Suite  360.  Irvine,  CA 
92612,  Fax:  (949)  476-8724 


EASTERN  CENTRAL  STATES/  INDIANA 


ACCOUNT  DIRECTOR:  Peter  Mayer  (201)  634-2324: 
ACCOUNT  EXECUTIVE:  John  Radzniak  (201)  634- 
2323. 650  From  Road  -  2nd  Floor.  Paramus,  NJ  07652. 
Fax:  (201)  634-9289 


ACCOUNT  DIRECTOR:  Bill  Hanck  (949)442-4006: 
ACCOUNT  EXECUTIVE:  Jean  Dellarobba  (949)  442- 
4053. 19200  Von  Karman  Avenue,  Suite  360,  Irvine,  CA 
92612.  Fax:  (949)  476-8724 


NEW  ENGLAND  STATES 


ACCOUNT  MANAGER:  Deborah  Crimmings  (508)  271- 
7110.  One  Speen  Street,  Framingham.  MA  01701.  Fax: 
(508)  270-3882 


METRO  NEW  YORK 


ACCOUNT  DIRECTOR:  Peter  Mayer  (201)  634-2324: 
ACCOUNT  EXECUTIVE:  John  Radzniak  (201)  634- 
2323. 650  From  Road  -  2nd  Floor.  Paramus,  NJ  07652. 
Fax:  (201)  634-9289 


SOUTHEASTERN  STATES 


ACCOUNT  DIRECTOR:  Lisa  Ladle-Wallace  (904)  284- 
4972. 5242  River  Park  Villas  Dr.,  St.  Augustine,  FL  32092, 
Fax:(800)779-8622 


ADVERTISER’S  INDEX 


Cisco . 18, 19 

www.cisco.com 

Computer  Associates . 9 

www.ca.com 

Enterprise  Management  World . 24/25 

www.emwusa.com/cw 

Fujitsu  Computer  Systems 
Corporation . 11 

us.fujitsu.com/computers/senzices 

Hewlett-Packard  ProLiant  Server . 17* 

www.hp.com 

Hewlett-Packard  Integrity  Server . 4 

www.hp.com 

IBM  Software . 15.  39 

www.ibm.com 

IT  Management  Summit . 24 

www.itmanagementsummit.com 

Lenovo . 22-23 

www.lenovo.com 

Microsoft  Security . 27,  29 

microsoft.com/security/IT 

Microsoft  Windows  Server  System . 2-3 

microsoft.com/wssystem 

Oracle  Corp . 48 

www.oracle.com 

Robert  Half  Technology . 34 

www.rht.com 

Samsung . 13 

www.samsungusa.com 

Sterling  Commerce . 47 

www.sterlingcommerce.com 


‘Regional  Select  Edition 


Thi«  indtx  is  provided  as  an  additional  service.  The  publisher 
does  not  assume  any  liability  tor  errors  or  omissions. 


INTERNATIONAL 
DATA  GROUP 

CHAIRMAN  OF  THE  BOARD 

Patrick  J.  McGovern 

CEO 

Pat  Kenealy 

PRESIDENT,  IDO  COMMUNICATIONS 

Bob  Carrigan 

COMPUTERWORLD  is  a  business  unit  of  IDG,  the 
world's  leading  technology  media,  research  and  event 
company.  IDG  publishes  more  than  300  magazines 
and  newspapers  and  otters  online  users  the  largest 
network  of  technology-specific  sites  around  the  world 
through  IDG.net  (www.idg.net),  which  comprises  more 
than  330  targeted  Web  sites  in  80  countries.  IDG  is 
also  a  leading  producer  of  168  computer-related  events 
worldwide,  and  IDG's  research  company,  IDC,  provides 
global  market  intelligence  and  advice  through  51 
offices  in  43  countries.  Company  information  is 
available  at  www.idg.com. 

m  IDG 


Have  a  problem  with  your  Computerworld  subscription? 

We  want  to  solve  it  to  your  complete  satistaction.  and  we  want  to  do  it  fast. 

Please  write  to:  Computerworld,  P.O.  Box  3500,  Northbrook,  IL  60065-3500. 

Your  magazine  subscription  label  is  a  valuable  source  of  information  for  you  and  us.  You  can  help  us  by 
attaching  your  magazine  label  here,  or  copy  your  name,  address,  and  coded  line  as  it  appears  on  your 
label.  Send  this  along  with  your  correspondence. 

ADDRESS  CHANGES  OR  OTHER  CHANGES  TO  YOUR  SUBSCRIPTION 

All  address  changes,  title  changes,  etc.  should  be  accompanied  by  your  address  label,  if 
possible,  or  by  a  copy  of  the  information  that  appears  on  the  label,  including  the  coded  line. 

YOUR  NEW  ADDRESS  GOES  HERE:  |  ADDRESS  SHOWN:  □  Home  □  Business] 


NAME 


TITLE  COMPANY 


ADDRESS 

CITY  STATE  ZIP 

OTHER  QUESTIONS  AND  PROBLEMS 

It  is  better  to  write  us  concerning  your  problem  and  include  the  magazine  label.  Also,  address  changes 
are  handled  more  efficiently  by  mail.  However,  should  you  need  to  reach  us  quickly,  the  following  toll-free 
number  is  available  (888)  559-7327  Outside  U.S.  call  (847)  559-7322. 

Internet  address:  cw@omeda.com 

COMPUTERWORLD  allows  advertisers  and  other  companies  to  use  its  mailing  list  for  selected  offers  we  feel  would  be 
of  interest  to  you.  We  screen  these  offers  carefully.  If  you  do  not  want  to  remain  on  the  promotion  list  please  write  to 
the  following  address  -  COMPUTERWORLD,  Circulation  Department,  One  Speen  Street,  Framingham,  MA  01701 


COMPUTERWORLD  August  22, 2005 


RESOURCES 


www.computerworld.com 


How  to  Contact 

COMPUTERWORLD 


Marian  Prokop,  online  editor  at  large . (508)  620-7717 

David  Ramel,  e-mail  newsletter/online  editor  at  large... .(508)  820-8269 
John  R.  Brillon,  associate  art  director . (508)  820-8216 

Michael  Weiss,  Web  producer 
Peter  Smith,  Web  development  manager 
Kevin  Gerich,  Mark  Savory,  Web  developers 

RESEARCH 


We  invite  readers  to  call  or  write  with  their  comments 
and  ideas.  It  is  best  to  submit  ideas  to  one  of  the  department 
editors  and  the  appropriate  beat  reporter. 


Mari  Keefe,  research  manager 
Gussie  Wilson,  research  associate 

COPY  DESK 


Don  Tennant, 

editor  in  chief 
(508)620-7714 

Mitch  Betts, 

executive  editor 
(301)  262-8243 
Julia  King, 

executive  editor,  events 
(610)  532-7599 


Carol  Sliwa,  Windows;  Linux: 

RFID;  retail  industry . (508)  628-4731 

Marc  L.  Songini,  ERP;  supply  chain;  CRM; 

databases;  food  and  agribusiness . (508)  820-8182 

Patrick  Thibodeau,  enterprise  systems;  Unix; 

outsourcing  and  immigration;  antitrust  issues . (202)  333-2448 

Jaikumar  Vijayan,  corporate  security/privacy  issues; 
manufacturing  industry . (630)  978-8390 

Todd  R.  Weiss,  general  assignment;  open-source  community; 
intellectual  property  issues;  messaging/collaboration . (717)  560-5255 


Michele  Lee  DeFilippo,  managing  editor/production  ...(508)  820-8126 
Bob  Rawson,  assistant  managing  editor/production . (508)  271-8015 

Mike  Parent,  Monica  Sambataro,  senior  copy  editors 
Eugene  Demattre,  copy  editor 

GRAPHIC  DESIGN 

Stephanie  Faucher,  design  director . (508)  820-8235 

April  O’Connor,  associate  art  director 
Julie  Quinn,  senior  designer 
Susan  Cahill,  graphics  coordinator 
John  Klossner,  cartoonist 


DEPARTMENT 

EDITORS 


Craig  Stedman,  News  editor . (508)  820-8120 

Mike  Bucken,  assistant  News  editor . (508)  820-8562 

Tommy  Peterson,  Technology  editor . (508)  620-7729 


Kathleen  Melymuka,  Management  editor . (508)  820-8118 

REPORTERS 

Matt  Hamblen,  networking;  mobile/wireless; 

network/systems  management . (508)  820-8567 

Heather  Havenstein,  business  intelligence:  application  development; 
Web  services,  application  server  software;  health  care . (919)  386-0381 

Thomas  Hoffman,  IT  management  and  investment 

issues;  careers/labor;  energy  industry . (845)  988-9630 

Lucas  Mearian,  storage;  disaster  recovery  and 

business  continuity;  financial  services  industry . (508)  820-8215 

Linda  Rosencrance,  general  assignment: 

transportation  and  automotive  industries . (508)  628-4734 


OPINIONS 

Frank  Hayes,  senior  news  columnist . (503)  252-0100 

FEATURES 

Ellen  Fanning,  special  projects  editor . (508)  820-8204 

Robert  L.  Mitchell,  senior  editor . (508)  820-8177 

Mark  Hall,  editor  at  large . (503)  391-1158 

Gary  H.  Anthes,  national  correspondent . (703)  536-9233 

Julia  King,  national  correspondent . (610)  532-7599 


COMPUTERWORLD.COM 

Martha  Connors,  vice  president/general  manager . (508)  620-7700 

Ian  Lamont,  online  projects  editor . (508)  820-8187 

Sharon  Machiis,  managing  editor/online . (508)820-8231 

Ken  Mingis,  online  news  editor . (508)  820-8545 


ADMINISTRATIVE  SUPPORT 

Linda  Gorgone,  office  manager . (508)  820-8176 

CONTRIBUTING  EDITOR 

Jamie  Eckle,  Opinions . (617)  596-1873 

CONTRIBUTING  COLUMNISTS 

Michael  Gartenberg,  Dan  Gillmor, 

Paul  Glen,  Barbara  Gomolski,  John  Haiamka, 
Thornton  A.  May,  David  Moschella,  Bart  Perkins, 
Virginia  Robbins,  Bruce  A.  Stewart 

CONTRIBUTING  WRITERS 

Mary  Brands!,  Stacy  Collett,  Russell  Kay, 

Mary  K.  Pratt,  Drew  Robb 


GENERAL  INFORMATION 


TELEPHONE/FAX 

Main  phone  number - (508)  879-0700 

All  editors  unless  otherwise  noted  below 

Main  fax  number . (508)  875-8931 

24-hour  news  tip  line. . .  (508)  620-7716 

E-MAIL 

Our  Web  address  is 

www.computerworld.com. 

Staff  members’  e-mail  follows  this  form: 

firstnameJastname@computerworld.com. 

For  IDG  News  Service  correspondents: 

firstnamejastname@idg.com. 

LETTERS  TO  THE  EDITOR 

Letters  to  the  editor  are  welcome 
and  should  be  sent  to: 

letters@computerworld.com. 

Include  your  address  and  telephone  number. 

MAIL  ADDRESS 

PO  Box  9171, 1  Speen  Street, 
Framingham,  Mass.  01701 

SUBSCRIPTIONS/BACK  ISSUES 

Subscription  rates:  U.S.,  $99.99/year;  Canada, 
$130/year;  Central  and  South  America,  $250/yean 
all  others,  $295/year 

Phone . (888)559-7327 

E-mail . cw@omeda.com 

Back  issues . (888)  559-7327 

REPRINTS/PERMISSIONS 

Contact . Renee  Smith 

Phone . . (717)  399-1900,  ext.  172 

E-mail . reprints@computerworld.com 

Visit  www.reprintbuyer.com  to  obtain  quotes 
and  order  reprints  online. 


COMPANIES  IN  THIS  ISSUE 

Page  number  refers  to  page  on  which  story  begins.  Company  names  can  also  be 

searched  at  www.computerworld.com. 


3COM  CORP . 20 

ABC  NEWS . 16 

ACE  HARDWARE  CORP . 41 

ACTIONFRONT  DATA 

RECOVERY  LABS . 33 

ADOBE  SYSTEMS  INC . 32 

ADVANCED  MICRO 

DEVICES  INC . 12,  33 

AEA . 7 

AFCOM . 28 

AGILENT  TECHNOLOGIES  INC . 8 

ALTIRIS  INC . 16 

AMERICAN  POWER 

CONVERSION  CORP . 28 

AMERICAN  RADIO 

RELAY  LEAGUE . 8 

AMERICAN  SAVINGS  BANK . 25 

ANTI-PHISHING 

WORKING  GROUP . 6 

APACHE  SOFTWARE 

FOUNDATION . 12 

ARBOR  NETWORKS  INC . 16 

ASSOCIATION  OF  PUBLIC-SAFETY 
COMMUNICATIONS  OFFICIALS 

INTERNATIONAL  INC . 8 

AVAYA  INC . 8 

BEA  SYSTEMS  INC . 12 

BMC  SOFTWARE  INC . 16 

BORN  INFORMATION 

SERVICES  INC.  . .  . 41 

BURTON  GROUP . 12 

BUSINESS  OBJECTS  SA . 33 

CABLE  NEWS  NETWORK  LP  ....  1, 16 

CALIFORNIA  PUBLIC 

UTILITIES  COMMISSION . 8 


CAPELLA  UNIVERSITY . 41 

CARNEGIE  MELLON 

UNIVERSITY . 30 

CATERPILLAR  INC . 1 

CENTENNIAL  SOFTWARE  INC . 33 

CHELA  EDUCATION 

FINANCING . 38 

CHINA  STANDARD 

SOFTWARE  CO . 14 

CINERGY  CORP . 8 

CISCO  SYSTEMS  INC . . 20 

CITISTREET  LLC . 12 

CLOVIS  UNIFIED 

SCHOOL  DISTRICT . 10 

COUNTERPANE 

INTERNET  SECURITY . 33 

COVANSYS  CORP . 14 

CURRENT  ANALYSIS  INC . 12 

CURRENT  COMMUNICATIONS 

GROUP  LLC . 8 

CURRENT  TECHNOLOGIES  LLC ....  8 

CYBERTRUST  INC . 6 

DAIMLERCHRYSLER  AG . 1, 16 

DATALLEGRO  INC . 33 

DATAMONITOR  PLC . 25 

DELAWARE  INVESTMENTS  INC. ...  16 

DELL  INC . 14.  41 

DEVICESCAPE  SOFTWARE  INC.  .  .  33 

DIXON  TICONDEROGA  CO . 38 

DST  SYSTEMS  INC . 25 

EBG  CONSULTING . 38 

ECLIPSE  FOUNDATION . 33 

EDIFY  CORP . 25 

EEYE  DIGITAL  SECURITY . 1 

ELATA  LTD . 6 


EMC  CORP . 12 

EMULEX  CORP . 8 

ENCOMPASS . 7 

ENERGY  INSIGHTS . 1 

ESS  DATA  RECOVERY  INC . 33 

FEDERAL  COMMUNICATIONS 

COMMISSION . 8 

FORRESTER  RESEARCH  INC . 38 

FRENCH  SECURITY  INCIDENT 

RESPONSE  TEAM . 6 

F-SECURE  CORP . 16 

GARTNER  INC . 1. 19 

GENERAL  ELECTRIC  CO . 1, 14 

GEORGIA  POWER . 14 

GLOBiX  CORP . 28 

GOLDMAN  SACHS  &  CO . 8 

GOOGLE  INC . 8,  20,  30 

GREAT  LAKES  EDUCATIONAL 

LOAN  SERVICES  INC . 38 

GTECH  HOLDINGS  CORP . 25 

HARRIS  INTERACTIVE . 40 

HEWLETT-PACKARD  CO . 7.  8, 

. 14.  28 

HSBC  TECHNOLOGY  & 

SERVICES . 40 

HU  AWE  I  TECHNOLOGIES  CO . 20 

IBM . 1,8,10,12.25.28 

IDC . 1,10,14,19 

IEEE-USA . 7 

ILLUMINATA  INC . 28 

IMMUNIX  INC . 1 

INFINITY  WORLDWIDE 
TELECOMMUNICATIONS 

GROUP  OF  COMPANIES . 14 

INFORMATION  TECHNOLOGY 
ASSOCIATION  OF  AMERICA  ....  7.  40 

INFOSYS  TECHNOLOGIES  LTD . 1 

INFRAVIO  INC . 12 

INTEL  CORP . 6,8,33 

INTEREX . 7 

INTERVOICE  INC . 25 

IONA  TECHNOLOGIES  PLC . 12 


ISUPPLI  CORP . 14 

JET  PROPULSION  LABORATORY. .  41 

JUNIPER  NETWORKS  INC . 32 

KARTEN  ASSOCIATES. . 38 

KENT  STATE  UNIVERSITY . 28 

KINDRED  HEALTHCARE  INC . 16 

KOHLBERG  KRAVIS 

ROBERTS  &  CO . 8 

LAKOTA  EXPRESS . 40 

LI  EBERT  CORP . 28 

LINCOLN  NATIONAL  CORP . 16 

LOS  ALAMOS  NATIONAL 

LABORATORY . 30 

LOTUS  DEVELOPMENT  CORP . 8 

LUMILEDS  LIGHTING  LLC . 8 

MCAFEE  INC . 16 

META  GROUP  INC . 20 

MICROSOFT  CORP . 1,  6, 10, 16. 

. 25.  30,  32.  46 

NATIONAL  ASSOCIATION  OF 
SOFTWARE  AND  SERVICES 

COMPANIES . 40 

NATIONAL  GEOGRAPHIC 

SOCIETY . 10 

NETWORK  SERVICES  CO . 21 

NEW  YORK  STATE  OFFICE  OF 
CYBER  SECURITY  AND  CRITICAL 
INFRASTRUCTURE 

COORDINATION . 6 

NIIT  LTD . 6 

NLG  INC . 12 

NORTHEAST  UTILITIES 

SERVICE  CO . 1.45 

NOVELL  INC . 10.14 

ONTRACK  DATA  RECOVERY . 33 

ONYX  SOFTWARE  CORP . 19 

OUELLETTE  &  ASSOCIATES 

CONSULTING  INC . 35.  36.  38 

PHILIPS  ELECTRONICS  NV . 8 

PHOENIX  CENTER  FOR 
ADVANCED  LEGAL  AND 
ECONOMIC  POLICY  STUDIES . 8 


PINNACLE  CALL 

CENTER  SOLUTIONS . 45 

PIVX  SOLUTIONS  INC . 1.  33 

PRICELINE.COM  INC . . . 41 

PRICEWATERHOUSECOOPERS . 1 

PRODIGY  SERVICES  CORP . 41 

PROGRESS  SOFTWARE  CORP. ...  33 

PROLOGSS . 16 

PUBLIC  SERVICE  OF 

NEW  HAMPSHIRE . 1 

QLOGIC  CORP. . 8 

QUALCOMM  INC . . 6 

RACKABLE  SYSTEMS  INC . 8 

RAINFINITY  INC . 12 

ROCHESTER  INSTITUTE  OF 

TECHNOLOGY . 7 

SABRE  HOLDINGS  CORP. . 12 

SANS  INSTITUTE . 6 

SAP  AG . 1 

SCHNEIDER  NATIONAL  INC . 41 

SEALCO  INC . 28 

SEEBEYOND 

TECHNOLOGY  CORP . 12 

SIEBEL  SYSTEMS  INC . 19 

SIERRA  HEALTH  SERVICES  INC.. . .  19 

SILVER  LAKE  PARTNERS . 8 

SONIC  SOFTWARE  CORP . 12 

SOPHOS  INC . 31 

SOPHOSLABS . 31 

SPHERION  CORP . 40 

SPL  WORLDGROUP  INC . 1 

STRATEGY  ANALYTICS  INC . 14 

SUN  MICROSYSTEMS  INC . 6.12 

SYGATE  TECHNOLOGIES  INC . 12 

SYMANTEC  CORP . 12.  32 

THE  451  GROUP . 25 

THE  CONNECTICUT  LIGHT  AND 

POWER  CO . 1 

THE  KRYSTAL  CO . 19 

THE  NEW  YORK  TIMES  CO . 1. 16 

THE  NYHART  CO . 38 

THE  UPTIME  INSTITUTE . 28 


THELADDERS.COM  INC . 41 

TRANSMETA  CORP. . 30 

TRAVELOCITY.COM  LP . 12 

TREND  MICRO  INC . 16 

TRINITY  HEALTH . 28 

TRUMAN  MEDICAL 

CENTERS  INC . 35, 36 

TUMBLEWEED 

COMMUNICATIONS  CORP. . 38 

TUVOX  INC . 25 

TV  GUIDE . 25 

U.S.  AIRFORCE . 6 

U.S.  CITIZENSHIP  AND 

IMMIGRATION  SERVICES . 7 

U.S.  DEPARTMENT  OF 

HOMELAND  SECURITY . 1 

U.S.  FOOD  AND 

DRUG  ADMINISTRATION . 41 

U.S.  MILITARY  ACADEMY 

AT  WEST  POINT . 6 

UBS  AG . 14 

ULINE  INC . 1 

UNISYS  INC . 1 

UNIVERSITY  OF  CALIFORNIA. 

LOS  ANGELES . 40 

UNIVERSITY  OF 

PENNSYLVANIA . 31 

URBAN  INSTITUTE . 7 

VERIZON 

COMMUNICATIONS  INC . .  38 

WEBMETHODS  INC . 1 

WEBSENSE  INC . 6 

WESTERN  MASSACHUSETTS 

ELECTRIC  CO . 1 

WS02 . 12 

YANKEE  GAS  SERVICES  CO . 1 


www.computerworld.com 


NEWS 


COMPUTERWORLD  August  22,  2005 


Continued  from  page  1 

Utility 

the  company  looked  at  pack¬ 
aged  CIS  offerings  from  ven¬ 
dors  such  as  SAP  AG  and  SPL 
WorldGroup  Inc.  But,  he  not¬ 
ed,  it  would  have  cost  NU  an 
estimated  $140  million-plus 
to  purchase  and  install  such 
packaged  CISs  and  develop  a 
common  set  of  customer  ser¬ 
vice  business  proc¬ 
esses. 

By  customizing 
and  enhancing  the 
older  IBM  CIS  al¬ 
ready  used  by  its 
Yankee  Gas  Ser¬ 
vices  Co.  sub¬ 
sidiary,  NU  ex¬ 
pects  to  pare  those 
costs  to  roughly 
60%  of  what  it 
would  have  spent 
on  an  external 
package,  Charette 
said. 

NU  has  hired 
IBM  and  India- 
based  Infosys 
Technologies  Ltd. 
to  provide  about 
20  on-site  contrac¬ 
tors  and  50  to  70 
offshore  workers 
to  design  and  de¬ 
velop  the  new  sys¬ 
tem.  About  70  NU  IT  and  cus¬ 
tomer  service  managers  and 
staffers  are  also  working  on 
the  project,  he  added. 


NU  has  a  separate  contract 
with  IBM  to  convert  cus¬ 
tomer  data  from  the  IDMS 
and  flat-file  VSAM  CIS  data¬ 
bases  that  are  being  consoli¬ 
dated,  said  Domenic  Gugli- 
otti,  IT  project  manager  for 
NU’s  CIS  group. 

Customized  Savings 

The  packaged  CISs  that  NU 
reviewed  were  scalable  and 
worked  on  both  distributed- 
computing  and 
mainframe  plat¬ 
forms,  according 
to  Gugliotti. 

“But  the  total 
cost  of  the  system 
wasn’t  going  to 
deliver  sufficient 
incremental  value 
above  what  we 
were  spending  on 
the  IBM  system,” 
he  said.  For  in¬ 
stance,  NU  plans 
to  introduce  a 
new  rate  plan  for 
some  of  its  busi¬ 
nesses  starting 
in  2007,  and  the 
IBM  CIS  already 
supports  those 
requirements,  he 
said. 

The  cost  to  in¬ 
stall  a  new  pack¬ 
aged  CIS  often 
runs  at  about  $50  per  cus¬ 
tomer  for  energy  companies, 
said  Rick  Nicholson,  an  ana¬ 
lyst  at  market  research  Firm 


Energy  Insights,  a  division  of 
IDC.  Since  NU  has  2  million- 
plus  customers  and  plans  to 
do  a  substantial  amount  of  CIS 
customization,  “it’s  altogether 
possible  that  a  new  CIS  sys¬ 
tem  would  end  up  costing  it 
upwards  of  $140  million,”  said 
Nicholson. 

Because  NU  is  revamping 
its  existing  IBM  CIS,  the  esti¬ 
mated  price  tag  for  its  cus¬ 
tomer  service  integration 
efforts  still  falls  “below  the 
industry  average,”  Nicholson 
added. 

NU  plans  to  put  the  new 


HARTFORD.  CONN. 

A  key  piece  of  Northeast  Utili¬ 
ties'  mammoth  customer  service 
integration  project  is  the  creation 
of  a  common  set  of  customer 
service  processes. 

The  utility  sought  to  develop 
a  procedure  that  would  let  ser¬ 
vice  representatives  resolve 
problems  for  customers  of  any 
one  of  its  four  business  units. 

The  effort  that  was  completed 
earlier  this  year  and  the  process¬ 
es  that  will  be  put  into  practice 
next  year  were  drawn  from  best 
practices  suggested  by  line 
managers  and  executives  from 
each  of  NU’s  subsidiaries,  said 
Kevin  Charette,  project  director 
for  the  customer  service  integra¬ 
tion  project  at  NU.  The  project’s 


CIS  into  production  for  its 
customer  service  teams  at  The 
Connecticut  Light  and  Power 
Co.,  Yankee  Gas  and  Western 
Massachusetts  Electric  Co.  by 
March  2007  and  at  its  Public 
Service  of  New  Hampshire 
subsidiary  by  October  of  that 
year,  said  Charette. 

Development  of  a  set  of 
business  processes  for  the 
new  system  has  already  been 
completed  (see  related  story, 
below). 

Gugliotti  said  the  develop¬ 
ers  of  the  updated  system  have 
been  able  to  reuse  code  from 


developers  created  about  70 
distinct  processes,  he  said. 

“In  the  beginning,  it  was  con¬ 
sidered  daunting  because  we 
were  taking  business  practices 
from  four  different  companies," 
said  Charette.  “But  we  worked 
through  all  these  issues." 

The  successful  creation  of 
the  process  was  achieved,  in 
part,  by  layering  the  customer 
service  integration  project  team 
with  managers  and  staff  from 
the  four  operating  companies. 
Pinnacle  Call  Center  Solutions 
in  Lake  Forest,  Calif.,  helped  NU 
identify  best  practices  across 
those  business  units,  said 
Charette. 

“We  took  this  very,  very  seri¬ 
ously,”  said  Domenic  Gugliotti, 


other  NU  applications  by  us¬ 
ing  enterprise  application  in¬ 
tegration  software  from  Web- 
Methods  Inc. 

Peripheral  systems  being 
interfaced  into  the  CIS  will 
provide  natural  speech  recog¬ 
nition,  integrated  voice  re¬ 
sponse,  Web  self-service  and 
telephony  capabilities,  said 
Charette.  O  56324 


MORE  THIS  ISSUE 

To  learn  about  recent  advances  in 
natural  speech  recognition  applications 
for  customer  service  call  center  systems, 
please  turn  to  page  25. 


IT  project  manager  for  the  CIS 
group. 

NUis  planning  to  add  up  to 
100  temporary  customer  service 
representatives  late  next  year  so 
that  its  existing  reps  can  take 
turns  being  trained  on  the  re¬ 
vised  CIS.  “You  have  to  fly  the 
airplane  while  you’re  changing 
the  engine,”  said  Charette. 

The  consolidation  of  six  call 
centers  into  two  virtual  centers 
should  result  in  a  20%  reduction 
in  NU’s  customer  service  staff, 
said  Charette.  Most,  if  not  all,  of 
the  reductions,  which  will  affect 
managers,  salaried  staff,  cus¬ 
tomer  service  reps  and  IT  work¬ 
ers,  will  be  made  through  attri¬ 
tion,  said  Charette. 

-  Thomas  Hoffman 


packaged  CIS] 
wasn’t  going  to 
deliver  sufficient 


incremental  value 
above  what  we 
were  spending 
on  [customizing] 
the  IBM  system. 


DOMENIC  GUGLIOTTI. 
IT  project  manager, 
Northeast  Utilities 


User  Input  Key  to  Success  of  NU  Integration  Project 


Germany  Launches  IT  Security  Initiative 


Interior  minister 
says  companies 
need  to  do  more 
to  protect  systems 

BY  JOHN  BLAU 

The  German  government, 
looking  to  better  protect  the 
country’s  systems  from  virus¬ 
es  and  other  attacks,  last  week 
announced  a  national  IT  secu¬ 
rity  plan  that  includes  the  es¬ 
tablishment  of  a  computer 


emergency  response  center. 

The  plan,  unveiled  Thurs¬ 
day  in  Berlin  by  Interior  Min¬ 
ister  Otto  Schily,  emerged  as 
Germany  is  struggling  to  come 
to  grips  with  increasing  at¬ 
tacks  on  IT  systems  in  both 
the  public  and  private  sectors. 

“We  must  deal  with  threats 
of  a  new  quality  and  quantity,” 
Schily  said  at  a  news  confer¬ 
ence,  adding  that  the  country 
as  a  whole  still  isn’t  fully  aware 
of  the  harm  that  can  be  caused 
by  cyberthreats  like  viruses, 


worms  and  phishing  attacks. 

The  lack  of  commitment  by 
many  German  companies  to 
IT  security  is  worrying,  Schily 
said.  Some  corporate  execu¬ 
tives  wait  until  they  have  an 
acute  problem  before  taking 
steps  to  improve  their  IT  de¬ 
fenses,  he  noted.  Home  users 
also  underestimate  the  need  to 
safeguard  systems,  the  minis¬ 
ter  warned. 

The  government’s  “National 
Plan  to  Protect  IT  Infrastruc¬ 
tures”  has  three  major  goals: 


preventing  attacks,  enabling 
swift  responses  to  ones  that 
do  occur  and  encouraging  the 
widespread  adoption  of  com¬ 
mon  security  practices. 

The  Federal  Office  for  Secu¬ 
rity  in  Information  Technolo¬ 
gy,  known  by  its  German  acro¬ 
nym  BSI,  will  play  a  key  role 
in  the  effort  by  developing  and 
implementing  new  security 
standards  within  the  public 
sector  and  publishing  guide¬ 
lines  for  corporate  users. 

Schily  said  the  BSI  will  also 
house  the  new  computer 
emergency  response  center, 


which  will  collaborate  with  IT 
security  services  vendors.  The 
center’s  planned  responsibili¬ 
ties  include  sending  e-mail 
alerts  about  potential  threats 
and  responding  to  attacks  via 
a  technical  support  hot  line. 

Schily  called  Germany’s 
plan  the  first  of  its  kind  in  the 
European  Union  and  said  he 
hopes  that  other  members  will 
be  encouraged  to  follow  the 
country’s  lead  with  similar  ini¬ 
tiatives.  ©  56351 


Blau  writes  for  the  IDG 
News  Service. 


Periodical  postage  paid  at  Framingham,  Mass.,  and  other  mailing  offices.  Posted  under  Canadian  International  Publication  agreement  #40063800.  CANADIAN  POSTMASTER:  Please  return  undeliverable  copy  to  PO  Box  1632.  Windsor,  Ontario  N9A  7C9.  Computerworld  (ISSN  0010-4841)  Is  published 
weekly  except  a  single  combined  issue  for  the  last  two  weeks  in  December  by  Computerworld.  Inc.,  1  Speen  Street.  Box  9171,  Framingham.  Mass.  01701-9171.  Copyright  2004  by  Computerworld  Inc.  All  rights  reserved.  Computerworld  can  be  purchased  on  microfilm  and  microfiche  through  University 
Microfilms  Inc  300  N  Zeeb  Road.  Ann  Arbor,  Mich.  48106.  Computerworld  Is  indexed.  Back  Issues.  If  available,  may  be  purchased  from  the  circulation  department.  Photocopy  rights:  permission  to  photocopy  for  internal  or  personal  use  Is  granted  by  Computerworld  Inc.  for  lit 
tered  with  the  Copyright  Clearance  Center  (CCC).  provided  that  the  base  fee  of  $3  per  copy  of  the  article,  plus  50  cents  per  page,  is  paid  directly  to  Copyright  Clearance  Center,  27  Congress  St.,  Salem.  Mass.  01970.  Reprints  (minimum  100  copies)  and  per¬ 
mission  to  reprint  may  be  purchased  from  Renee  Smith.  Computerworld  Reprints,  c/o  Reprint  Management  Services.  Greenfield  Corporate  Center.  1808  Colonial  Village  Lane.  Lancaster,  Pa..  17601.  (717)  399-1900,  Ext.  172.  Fax:  (717)  399-8900.  Web  site:  Jgfc'RpA 
www  reDrintbuver  com.  E-mail:  reprints@computerworld.com.  Requests  for  missing  Issues  will  be  honored  only  if  received  within  60  days  of  issue  date.  Subscription  rates:  $5  per  copy:  U.S.  -  $99.99  per  year;  Canada  -  $130  per  year;  Central  &  So.  America.  It. r7/!y. 

$250  per  year-  Europe  -  $295  per  year;  all  other  countries  -  $295  per  year.  Subscriptions  call  toll-free  (888)  559-7327.  POSTMASTER:  Send  Form  3579  (Change  of  Address)  to  Computerworld,  PO  Box  3500,  Northbrook,  III.  60065-3500. 


Draries  ana  otner  users  reals- 

ABM 


48  COMPUTERWORLD  August  22, 2005 


THE  BACK  PA6E 


www.computerworld.com 


FRANK  HAYES  ■  FRANKLY  SPEAKING 

Lessons  Not  Learned 


WHAT  HAVE  WE  learned  from  the  current  stam¬ 
pede  of  Windows-infecting  worms  with  names 
like  Zotob,  Esbot,  Bobax  and  Spybot  (see  story, 
page  1)?  First  lesson:  If  you  want  to  raise  public 
awareness  about  a  tired  old  subject  like  computer 
worms,  just  gore  the  oxes  of  reporters  and  editors  at  CNN,  The  New 
York  Times,  The  Associated  Press  and  ABC  News.  There’s  nothing 
like  personal  pain  to  freshen  up  a  story.  In  CNN’s  case,  there’s  noth¬ 
ing  like  having  it  happen  on  live  TV. 

Second  lesson:  Uh,  is  there  a  second  lesson? 


Probably  not.  After  all,  we  already  knew  that 
the  most  common  security  hole  is  a  buffer  that 
can  overflow  if  the  code  filling  it  doesn’t  check 
for  input  length.  That’s  the  programming  flaw 
that  these  worms  exploit  —  a  flaw  that’s  been 
around  since  1988,  when  the  notorious  “Morris 
worm”  brought  a  much  smaller  Internet  to  its 
knees  with  a  buffer  overflow  attack. 

We  already  knew  that  it’s  a  good  idea  for 
vendors  to  release  patches  as  soon  as  vulnera¬ 
bilities  are  made  public.  To  Microsoft’s  credit,  it 
shipped  a  patch  the  day  it  announced  the  secu¬ 
rity  hole.  (But  no  points  to  Microsoft  for  ship¬ 
ping  products  with  the  hole  in  the  first  place.) 

We  already  knew  that  stretched-thin  IT  staffs 
have  a  tough  time  applying  those  patches 
quickly,  because  it  takes  time  to  test  and  then 
roll  them  out  to  servers  and  desktop  PCs. 

We  already  knew  that  publishing  exploit  code 
that  can  easily  be  pasted  into  worm  programs  is 
not  helpful.  Well,  it’s  helpful  to  worm  writers, 
but  not  to  the  rest  of  us.  Such  code  was  report¬ 
edly  published  on  a  security  Web  site  the  day 
after  Microsoft  got  its  patch  out  the  door.  Three 
days  later,  the  Zotob  worm  was  in  the  wild,  in¬ 
fecting  Windows  machines. 

We  already  knew  that  worm  writ¬ 
ers  both  share  information  and 
compete  with  one  another.  It’s  no 
great  surprise  that  within  hours, 

Zotob  was  joined  by  other  worms 
exploiting  the  same  hole  —  and 
hammering  away  at  Windows  users. 

So  maybe  there  just  isn’t  a  lot  to 
learn  from  this  round  of  being  over¬ 
run  by  worms. 

But  isn’t  it  time  we  stopped  treat¬ 
ing  worm  outbreaks  as  learning 
experiences? 

Isn’t  it  time  for  Microsoft  to  stop 
selling  operating  systems  with 


buffer  overflow  security  holes?  That  wouldn’t 
require  bug-free  programming  —  just  looking 
for  and  eradicating  one  particular  kind  of  bug. 

Yes,  Microsoft  is  trumpeting  that  Vista  (nee 
Longhorn)  will  be  safe  from  buffer  overflows 
when  it  ships  next  year.  Then  again,  that  prom¬ 
ise  was  originally  based  on  Longhorn  using 
.Net,  which  automatically  checks  buffers  every 
time  they’re  accessed.  But  now  Microsoft  re¬ 
portedly  has  replaced  most  uses  of  .Net  in 
Longhorn/Vista  with  code  written  by  hand. 
That’s  so  Vista  can  meet  its  2006  deadline  — 
secure  or  not. 

And  isn’t  it  time  for  Microsoft’s  partners  and 
competitors,  whether  proprietary  vendors  or 
open-source  projects,  to  eradicate  all  buffer 
overflows  too?  This  isn’t  brain  surgery  —  it’s 
more  like  good  hygiene.  For  new  code,  it’s 
simple:  Just  make  sure  every  buffer  access  is 
checked.  Existing  code  is  a  bigger  pain,  but  if 
we  found  every  reference  to  a  two-digit  year 
during  the  run-up  to  Y2k,  we  can  find  every 
buffer  access. 

Finally,  isn’t  it  time  corporate  IT  stopped  ac¬ 
cepting  buffer  overflow  bugs  from  any  pro¬ 
grammer  —  vendor,  consultant  or  in-house?  It’s 
not  impossible,  or  even  difficult. 
Every  programmer  knows  how  to 
write  software  that  doesn’t  have 
this  bug.  Every  enterprise  deserves 
software  that  doesn’t  expose  the 
business  to  attacks,  downtime  and 
financial  loss. 

It’s  time  to  demand  business- 
quality  code  —  the  kind  our  man¬ 
agement  should  expect  from  a 
business-quality  IT  shop. 

Otherwise,  well  just  be  showing 
that  when  it  comes  to  buffer  over¬ 
flow  attacks,  we’ve  really  learned 
nothing  at  all.  ©  56294 


frank  hayes,  Computer- 
world's  senior  news  colum¬ 
nist,  has  covered  IT  for  more 
than  20  years.  Contact  him  at 

frank.hayes@cotnputerworld.com. 


Out  to  Lunch 

It’s  the  late  1980s,  and  this  pilot  fish’s  boss  at  a  non¬ 
profit  agency  has  a  brainstorm.  “He  wanted  to  provide 
a  menu-driven  telephone  system  that  would  let  local 
boaters  and  fishermen  call  in  for  information  on  river 
levels,”  says  fish.  “I  was  invited  to  a  lunch  with  the  lo¬ 
cal  phone  company  to  discuss  it.  Being  new  to  the 
project,  I  started  by  asking  what  percentage  of  the  tar¬ 
geted  rural  population  had  touch-tone  phone  service 
-  a  must-have  for  menu-driven  phone  systems.  As  I 
remember,  the  chicken  salad  was  delicious  and  the 
project  was  never  discussed  again." 


Unclear  on 
The  Concept 

Redesigned  Web 
site  gets  a  new 
feature:  a  search 
box  in  the  top  right 
comer  of  every  page. 
“Wanting  some  user 
feedback,  I  sent  out  a 
brief  survey  to  the  em¬ 
ployees  them  try 
it  out,”  says  the  pilot  fish 
who  built  it.  “One  re¬ 
sponse:  ‘I  like  that  you 
have  a  search  button, 
but  what  is  the  blank 
box  to  the  left  of  it  for? 
Aren’t  you  going  to  put 
something  in  there?’  ” 

Not  Impressed 

Sysadmin  pilot  fish  is 
working  in  the  server 
room  when  the  assistant 
group  supervisor  comes 
in  with  an  interviewee. 
The  supervisor  “pointed 
at  various  things,”  says 
fish.  “Then  he  asked  me, 
‘Hey,  how  much  does 
this  hold?’  while  point¬ 
ing  at  the  big  gray  box 
on  the  wall.  ‘40KVA,’  I 
replied.  ‘No,  not  how 
much  power  does  it  use. 
How  much  data  does  it 
hold?’  I  paused  a  sec¬ 
ond,  then  said,  ‘None, 
that’s  the  UPS.’”  He 
looked  at  the  box,  then 
led  the  interviewee  out. 
“I  never  found  out  if  we 
turned  him  down  or  he 
turned  us  down.” 


Text  It 

Applicants  for 
clerical  posi¬ 
tions  at  this 
company  take  a 
test  for  computer  skills, 
says  a  manager  pilot 
fish.  “One  candidate 
was  presented  with  a 
spreadsheet  containing 
column  headings  show¬ 
ing  the  years  1999, 

2000  and  2001  and  was 
instructed  to  format  the 
range  as  text,”  fish  says. 
“The  end  result  was 
new  column  headings 
reading:  one-thousand- 
nine-hundred-ninety- 
nine,  two-thousand, 
two-thousand-one.” 

Aha! 

Pilot  fish  can’t  figure  out 
why  one  supervisor  los¬ 
es  her  mainframe  con¬ 
nection  a  few  times  each 
week.  “We  checked 
everything  and  even 
hooked  up  a  sniffer,” 
says  fish.  But  a  few 
weeks  later,  he’s  having 
lunch  with  a  buddy  from 
the  help  desk.  “He  asked 
if  I  remembered  the  su¬ 
pervisor  that  everyone 
despised,”  fish  reports. 
“He  said  that,  a  couple 
of  times  a  week,  he 
would  dump  her  connec¬ 
tion  -  just  because  he 
could.  After  that  lunch, 
the  problem  mysterious¬ 
ly  went  away.” 


SHARK 

TANK*. 


©SOLVE  A  PROBLEM  FOR  SHARKY.  Send  me  your 
true  tale  of  IT  life  at  sharky@computerworid.com. 

You’ll  snag  a  snazzy  Shark  shirt  if  I  use  it.  And  check  out  the 
daily  feed,  browse  the  Sharkives  and  sign  up  for  Shark  Tank 
home  delivery  at  computerworld.com/sharky. 


r 


73%  of  the  FORTUNE  100®  and  76% 
of  the  European  100  compared  business 
collaboration  providers  and  came  to 
a  single  conclusion. 


Many  of  the  world's  most  successful  organizations  rely  upon  Sterling  Commerce  to  automate  their  business 
processes,  so  they  can  exchange  critical  information  with  their  trading  partners,  subsidiaries  and  customers. 
Reliably.  Securely.  And  regardless  of  the  application  being  used.  Sterling  Commerce  delivers  the  first  platform  to 
meet  all  the  complex  challenges  of  real-world  multi-enterprise  collaboration.  Find  out  what  so  many  companies 
already  know.  Speak  to  a  Sterling  Commerce  representative  today.  Or  visit  www.sterlingcommerce.com 

BUSINESS  APPLICATIONS  /  BUSINESS  INTEGRATION  /  BUSINESS  INTELLIGENCE  /  BUSINESS  PROCESS  MANAGEMENT  /  SOLUTION  DELIVERY 


sterling  commerce 


©2005  Sterling  Commerce,  Inc.  ALL  RIGHTS  RESERVED.  Sterling  Commerce  and  the  Sterling  Commerce  logo  are  trademarks  of  Sterling  Commerce,  inc.  Sterling  Commerce  is  an  SBC  Communications,  Inc. 
company.  FORTUNE  is  a  registered  mark  of  Time  Inc. 


Oracle  Database 


World's  #1 
^For  Small 


Database 

Business 


Easy  to  use.  Easy  to  manage. 
Only  $149  per  user. 


oracle.com/standardedition 
or  call  1.800.633.0753 


Terms,  conditions,  and  limitations  apply.  Pricing,  specifications,  availability  and  terms  of  offers  may  change  without  notice.  Taxes,  fees  and  shipping  charges 
extra,  vary  and  are  not  subject  to  discount.  Oracle  Database  Standard  Edition  One  is  available  with  Named  User  Plus  licensing  at  $149  per  user 
with  a  minimum  of  five  users  or  $4995  per  processor.  Licensing  of  Oracle  Standard  Edition  One  is  permitted  only  on  servers 
that  have  a  maximum  capacity  of  2  CPUs  per  server.  For  more  information,  visit  oracle.com/standardedition 

Copyright  ©  2005,  Oracle.  Oracle,  JD  Edwards,  PeopleSoft  and  Retek  are  registered  trademarks  of  Oracle  Corporation  and/or  its  affiliates. 

Other  names  may  be  trademarks  of  their  respective  owners. 


